{"url":"http://public2.vulnerablecode.io/api/packages/538862?format=json","purl":"pkg:composer/microweber/microweber@1.2.7","type":"composer","namespace":"microweber","name":"microweber","version":"1.2.7","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.0.20","latest_non_vulnerable_version":"2.0.20","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46678?format=json","vulnerability_id":"VCID-134y-zfv9-dfdm","summary":"Business Logic Errors in microweber/microweber\nBusiness Logic Errors in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6832","reference_id":"","reference_type":"","scores":[{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34077","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34064","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34043","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34095","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.3411","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6832"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/890e9838aabbc799ebefcf6b20ba25e0fd6dbfee","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-27T17:05:25Z/"}],"url":"https://github.com/microweber/microweber/commit/890e9838aabbc799ebefcf6b20ba25e0fd6dbfee"},{"reference_url":"https://huntr.com/bounties/53105a20-f4b1-45ad-a734-0349de6d7376","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-27T17:05:25Z/"}],"url":"https://huntr.com/bounties/53105a20-f4b1-45ad-a734-0349de6d7376"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6832","reference_id":"CVE-2023-6832","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6832"},{"reference_url":"https://github.com/advisories/GHSA-qjfx-fvx7-3wvw","reference_id":"GHSA-qjfx-fvx7-3wvw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qjfx-fvx7-3wvw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67588?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-6832","GHSA-qjfx-fvx7-3wvw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-134y-zfv9-dfdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42555?format=json","vulnerability_id":"VCID-1b1v-qwjt-aqex","summary":"Rate limit missing in microweber\nWeak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0777","reference_id":"","reference_type":"","scores":[{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.66724","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.66773","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.66765","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.6676","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.66743","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.66758","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0777"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/a3944cf9d1d8c41a48297ddc98302934e2511b0f","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/a3944cf9d1d8c41a48297ddc98302934e2511b0f"},{"reference_url":"https://huntr.dev/bounties/b36be8cd-544f-42bd-990d-aa1a46df44d7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/b36be8cd-544f-42bd-990d-aa1a46df44d7"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0777","reference_id":"CVE-2022-0777","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0777"},{"reference_url":"https://github.com/advisories/GHSA-7r79-mrp6-8mhq","reference_id":"GHSA-7r79-mrp6-8mhq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7r79-mrp6-8mhq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60784?format=json","purl":"pkg:composer/microweber/microweber@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.0"}],"aliases":["CVE-2022-0777","GHSA-7r79-mrp6-8mhq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1b1v-qwjt-aqex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42317?format=json","vulnerability_id":"VCID-1cwm-wk9y-nkbe","summary":"A Cross-Site Request Forgery (CSRF) vulnerability was found in microweber.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0505","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35659","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3571","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35695","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35734","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35773","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35762","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0505"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/63447b369973724f0d352a006f25af6ff71ae292","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/63447b369973724f0d352a006f25af6ff71ae292"},{"reference_url":"https://huntr.dev/bounties/65b5a243-3f0c-4df3-9bab-898332180968","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/65b5a243-3f0c-4df3-9bab-898332180968"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0505","reference_id":"CVE-2022-0505","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0505"},{"reference_url":"https://github.com/advisories/GHSA-7x2h-3v2v-24p9","reference_id":"GHSA-7x2h-3v2v-24p9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7x2h-3v2v-24p9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0505","GHSA-7x2h-3v2v-24p9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1cwm-wk9y-nkbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42539?format=json","vulnerability_id":"VCID-1g32-s1rj-pudx","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0763","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46568","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46635","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46634","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46597","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46586","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46614","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0763"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/c897d0dc159849763a813184d9b75b966c6360bf","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/c897d0dc159849763a813184d9b75b966c6360bf"},{"reference_url":"https://huntr.dev/bounties/6de9c621-740d-4d7a-9d77-d90c6c87f3b6","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/6de9c621-740d-4d7a-9d77-d90c6c87f3b6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0763","reference_id":"CVE-2022-0763","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0763"},{"reference_url":"https://github.com/advisories/GHSA-6m26-25q2-cq46","reference_id":"GHSA-6m26-25q2-cq46","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6m26-25q2-cq46"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60784?format=json","purl":"pkg:composer/microweber/microweber@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.0"}],"aliases":["CVE-2022-0763","GHSA-6m26-25q2-cq46"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1g32-s1rj-pudx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42638?format=json","vulnerability_id":"VCID-1ga3-v4ww-6kd9","summary":"Unrestricted Upload of File with Dangerous Type\nAbusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0921","reference_id":"","reference_type":"","scores":[{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.8938","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89415","published_at":"2026-06-09T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89396","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04555","scoring_system":"epss","scoring_elements":"0.89398","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0921"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/867bdda1b4660b0795ad7f87ab5abe9e44b2b318","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/867bdda1b4660b0795ad7f87ab5abe9e44b2b318"},{"reference_url":"https://huntr.dev/bounties/e368be37-1cb4-4292-8d48-07132725f622","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/e368be37-1cb4-4292-8d48-07132725f622"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0921","reference_id":"CVE-2022-0921","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0921"},{"reference_url":"https://github.com/advisories/GHSA-j878-43hm-8gr5","reference_id":"GHSA-j878-43hm-8gr5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j878-43hm-8gr5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0921","GHSA-j878-43hm-8gr5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ga3-v4ww-6kd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110416?format=json","vulnerability_id":"VCID-1uhd-zk26-67fq","summary":"Microweber Stored Cross-site Scripting before v1.2.20\nMicrowerber prior to version 1.2.20 is vulnerable to stored Cross-site Scripting (XSS).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2495","reference_id":"","reference_type":"","scores":[{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56371","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56433","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56427","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56422","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56405","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56421","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2495"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/d35e691e72d358430abc8e99f5ba9eb374423b9f","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/d35e691e72d358430abc8e99f5ba9eb374423b9f"},{"reference_url":"https://huntr.dev/bounties/00affb69-275d-4f4c-b419-437922bc7798","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/00affb69-275d-4f4c-b419-437922bc7798"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2495","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2495"},{"reference_url":"https://github.com/advisories/GHSA-xg72-6c83-ghh4","reference_id":"GHSA-xg72-6c83-ghh4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xg72-6c83-ghh4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/149065?format=json","purl":"pkg:composer/microweber/microweber@1.2.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.20"}],"aliases":["CVE-2022-2495","GHSA-xg72-6c83-ghh4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1uhd-zk26-67fq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45336?format=json","vulnerability_id":"VCID-1vkt-7xcf-jfdm","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3142","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21035","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20976","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21021","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58043","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58061","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3142"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/42efa981a2239d042d910069952d6276497bdcf1","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T21:09:56Z/"}],"url":"https://github.com/microweber/microweber/commit/42efa981a2239d042d910069952d6276497bdcf1"},{"reference_url":"https://huntr.dev/bounties/d00686b0-f89a-4e14-98d7-b8dd3f92a6e5","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-06T21:09:56Z/"}],"url":"https://huntr.dev/bounties/d00686b0-f89a-4e14-98d7-b8dd3f92a6e5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3142","reference_id":"CVE-2023-3142","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3142"},{"reference_url":"https://github.com/advisories/GHSA-fqcv-rfp6-wv92","reference_id":"GHSA-fqcv-rfp6-wv92","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fqcv-rfp6-wv92"}],"fixed_packages":[],"aliases":["CVE-2023-3142","GHSA-fqcv-rfp6-wv92"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1vkt-7xcf-jfdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42496?format=json","vulnerability_id":"VCID-21j3-jjng-dbcs","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0690","reference_id":"","reference_type":"","scores":[{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75244","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.7528","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75255","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75268","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75277","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75274","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0690"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/f7f5d41ba1a08ceed37c00d5f70a3f48b272e9f2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/f7f5d41ba1a08ceed37c00d5f70a3f48b272e9f2"},{"reference_url":"https://huntr.dev/bounties/4999a0f4-6efb-4681-b4ba-b36babc366f9","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/4999a0f4-6efb-4681-b4ba-b36babc366f9"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0690","reference_id":"CVE-2022-0690","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0690"},{"reference_url":"https://github.com/advisories/GHSA-rgp5-m2pq-3fmg","reference_id":"GHSA-rgp5-m2pq-3fmg","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rgp5-m2pq-3fmg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0690","GHSA-rgp5-m2pq-3fmg"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-21j3-jjng-dbcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42507?format=json","vulnerability_id":"VCID-24g4-qkgh-juby","summary":"Cross-site Scripting in Microweber\nCross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0719","reference_id":"","reference_type":"","scores":[{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59959","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59998","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.5998","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59997","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.60009","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.60006","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0719"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/a5925f74d39775771d4c37c8d4c1acbb762fda0a","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/a5925f74d39775771d4c37c8d4c1acbb762fda0a"},{"reference_url":"https://huntr.dev/bounties/bcdce15b-7f40-4971-a061-c25c6053c312","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/bcdce15b-7f40-4971-a061-c25c6053c312"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0719","reference_id":"CVE-2022-0719","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0719"},{"reference_url":"https://github.com/advisories/GHSA-hj8g-cw8x-2c6m","reference_id":"GHSA-hj8g-cw8x-2c6m","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hj8g-cw8x-2c6m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60784?format=json","purl":"pkg:composer/microweber/microweber@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.0"}],"aliases":["CVE-2022-0719","GHSA-hj8g-cw8x-2c6m"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24g4-qkgh-juby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42483?format=json","vulnerability_id":"VCID-2q36-5mb1-gqcy","summary":"Improper Neutralization of CRLF Sequences ('CRLF Injection')\nCRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0666","reference_id":"","reference_type":"","scores":[{"value":"0.17242","scoring_system":"epss","scoring_elements":"0.95161","published_at":"2026-06-06T12:55:00Z"},{"value":"0.17242","scoring_system":"epss","scoring_elements":"0.95166","published_at":"2026-06-09T12:55:00Z"},{"value":"0.17242","scoring_system":"epss","scoring_elements":"0.95162","published_at":"2026-06-08T12:55:00Z"},{"value":"0.17242","scoring_system":"epss","scoring_elements":"0.95163","published_at":"2026-06-07T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.9606","published_at":"2026-06-04T12:55:00Z"},{"value":"0.2338","scoring_system":"epss","scoring_elements":"0.96064","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0666"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/f0e338f1b7dc5ec9d99231f4ed3fa6245a5eb128","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/f0e338f1b7dc5ec9d99231f4ed3fa6245a5eb128"},{"reference_url":"https://huntr.dev/bounties/7215afc7-9133-4749-8e8e-0569317dbd55","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/7215afc7-9133-4749-8e8e-0569317dbd55"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0666","reference_id":"CVE-2022-0666","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0666"},{"reference_url":"https://github.com/advisories/GHSA-3wwj-wh2w-g4xp","reference_id":"GHSA-3wwj-wh2w-g4xp","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3wwj-wh2w-g4xp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0666","GHSA-3wwj-wh2w-g4xp"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2q36-5mb1-gqcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110263?format=json","vulnerability_id":"VCID-2s4c-twpg-xfed","summary":"Microweber vulnerable to cross-site scripting (XSS)\nMicroweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter. There was a patch released in the development branch but is not yet committed to the main branch.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0698","reference_id":"","reference_type":"","scores":[{"value":"0.02106","scoring_system":"epss","scoring_elements":"0.84426","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02106","scoring_system":"epss","scoring_elements":"0.84423","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02106","scoring_system":"epss","scoring_elements":"0.8441","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02106","scoring_system":"epss","scoring_elements":"0.84422","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02106","scoring_system":"epss","scoring_elements":"0.84403","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02106","scoring_system":"epss","scoring_elements":"0.84429","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0698"},{"reference_url":"https://fluidattacks.com/advisories/garrix","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://fluidattacks.com/advisories/garrix"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0698","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0698"},{"reference_url":"https://fluidattacks.com/advisories/garrix/","reference_id":"garrix","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T17:34:42Z/"}],"url":"https://fluidattacks.com/advisories/garrix/"},{"reference_url":"https://github.com/advisories/GHSA-79gx-3fm8-qxqq","reference_id":"GHSA-79gx-3fm8-qxqq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-79gx-3fm8-qxqq"},{"reference_url":"https://github.com/microweber/microweber/","reference_id":"microweber","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T17:34:42Z/"}],"url":"https://github.com/microweber/microweber/"}],"fixed_packages":[],"aliases":["CVE-2022-0698","GHSA-79gx-3fm8-qxqq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2s4c-twpg-xfed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46584?format=json","vulnerability_id":"VCID-2v1q-rcbt-skdh","summary":"Missing Standardized Error Handling Mechanism in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6599","reference_id":"","reference_type":"","scores":[{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57708","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57712","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57695","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57709","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00349","scoring_system":"epss","scoring_elements":"0.57717","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6599"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/f7eb9e1c6e801346f07f3b0164a01ac5f2ca5cfd","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/f7eb9e1c6e801346f07f3b0164a01ac5f2ca5cfd"},{"reference_url":"https://huntr.com/bounties/6198785c-bf60-422e-9b80-68a6e658a10e","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.com/bounties/6198785c-bf60-422e-9b80-68a6e658a10e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6599","reference_id":"CVE-2023-6599","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6599"},{"reference_url":"https://github.com/advisories/GHSA-9r6p-hg4g-5gxp","reference_id":"GHSA-9r6p-hg4g-5gxp","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9r6p-hg4g-5gxp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67588?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-6599","GHSA-9r6p-hg4g-5gxp"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2v1q-rcbt-skdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43278?format=json","vulnerability_id":"VCID-2zjc-axfa-myaf","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nReflected XSS in GitHub repository microweber/microweber prior to 1.2.16. Executing JavaScript as the victim","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1584","reference_id":"","reference_type":"","scores":[{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55419","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.5543","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55425","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.554","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55369","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1584"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/527abd148e6b7aff8df92a9f1aa951e5bebac59c","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/527abd148e6b7aff8df92a9f1aa951e5bebac59c"},{"reference_url":"https://huntr.dev/bounties/69f4ca67-d615-4f25-b2d1-19df7bf1107d","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/69f4ca67-d615-4f25-b2d1-19df7bf1107d"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1584","reference_id":"CVE-2022-1584","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1584"},{"reference_url":"https://github.com/advisories/GHSA-f23x-4gf4-m9ff","reference_id":"GHSA-f23x-4gf4-m9ff","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f23x-4gf4-m9ff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61980?format=json","purl":"pkg:composer/microweber/microweber@1.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.16"}],"aliases":["CVE-2022-1584","GHSA-f23x-4gf4-m9ff"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2zjc-axfa-myaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46120?format=json","vulnerability_id":"VCID-34tz-yfnz-pqcj","summary":"Use of Hard-coded Credentials in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5318","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56255","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56258","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56239","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56262","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56268","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5318"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/c48b34dfd6cae7a55b452280d692dc62512574b0","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:21:58Z/"}],"url":"https://github.com/microweber/microweber/commit/c48b34dfd6cae7a55b452280d692dc62512574b0"},{"reference_url":"https://huntr.dev/bounties/17826bdd-8136-48ae-afb9-af627cb6fd5d","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:21:58Z/"}],"url":"https://huntr.dev/bounties/17826bdd-8136-48ae-afb9-af627cb6fd5d"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5318","reference_id":"CVE-2023-5318","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5318"},{"reference_url":"https://github.com/advisories/GHSA-r657-3wqh-g2x9","reference_id":"GHSA-r657-3wqh-g2x9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r657-3wqh-g2x9"}],"fixed_packages":[],"aliases":["CVE-2023-5318","GHSA-r657-3wqh-g2x9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-34tz-yfnz-pqcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42152?format=json","vulnerability_id":"VCID-3hnh-fgu8-4fay","summary":"Code Injection in microweber\nCross-site Scripting in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0282","reference_id":"","reference_type":"","scores":[{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71854","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71886","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71863","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71878","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.719","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00675","scoring_system":"epss","scoring_elements":"0.71893","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0282"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/51b5a4e3ef01e587797c0109159a8ad9d2bac77a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/51b5a4e3ef01e587797c0109159a8ad9d2bac77a"},{"reference_url":"https://huntr.dev/bounties/8815b642-bd9b-4737-951b-bde7319faedd","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/8815b642-bd9b-4737-951b-bde7319faedd"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0282","reference_id":"CVE-2022-0282","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0282"},{"reference_url":"https://github.com/advisories/GHSA-p5hj-xxfr-pwc3","reference_id":"GHSA-p5hj-xxfr-pwc3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p5hj-xxfr-pwc3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0282","GHSA-p5hj-xxfr-pwc3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3hnh-fgu8-4fay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42331?format=json","vulnerability_id":"VCID-3p66-27xs-z3f1","summary":"Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0504","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52468","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52511","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52489","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52516","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52536","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52527","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0504"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/e607e5f745cd99d5c06a7fce16b3577fab8e1250","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/e607e5f745cd99d5c06a7fce16b3577fab8e1250"},{"reference_url":"https://huntr.dev/bounties/285ff8a0-a273-4d62-ba01-3e4b4e18467b","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/285ff8a0-a273-4d62-ba01-3e4b4e18467b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0504","reference_id":"CVE-2022-0504","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0504"},{"reference_url":"https://github.com/advisories/GHSA-xxq4-3742-3h28","reference_id":"GHSA-xxq4-3742-3h28","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xxq4-3742-3h28"}],"fixed_packages":[],"aliases":["CVE-2022-0504","GHSA-xxq4-3742-3h28"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3p66-27xs-z3f1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43280?format=json","vulnerability_id":"VCID-4cz1-k4s6-cuep","summary":"Microweber vulnerable to cross-site scripting (XSS)\nDOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. inject arbitrary js code, deface website, steal cookie...","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1555","reference_id":"","reference_type":"","scores":[{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76101","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76131","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76107","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76119","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76127","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76126","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1555"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/724e2d186a33c0c27273107dc4f160a09384877f","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/724e2d186a33c0c27273107dc4f160a09384877f"},{"reference_url":"https://huntr.dev/bounties/d9f9b5bd-16f3-4eaa-9e36-d4958b557687","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/d9f9b5bd-16f3-4eaa-9e36-d4958b557687"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1555","reference_id":"CVE-2022-1555","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1555"},{"reference_url":"https://github.com/advisories/GHSA-6346-5r4h-ff5x","reference_id":"GHSA-6346-5r4h-ff5x","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6346-5r4h-ff5x"}],"fixed_packages":[],"aliases":["CVE-2022-1555","GHSA-6346-5r4h-ff5x"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cz1-k4s6-cuep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42634?format=json","vulnerability_id":"VCID-4pap-526e-4kea","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0928","reference_id":"","reference_type":"","scores":[{"value":"0.06259","scoring_system":"epss","scoring_elements":"0.91072","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06259","scoring_system":"epss","scoring_elements":"0.91084","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06259","scoring_system":"epss","scoring_elements":"0.91085","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06259","scoring_system":"epss","scoring_elements":"0.91094","published_at":"2026-06-09T12:55:00Z"},{"value":"0.06259","scoring_system":"epss","scoring_elements":"0.91078","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06259","scoring_system":"epss","scoring_elements":"0.91081","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0928"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/fc9137c031f7edec5f50d73b300919fb519c924a","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/fc9137c031f7edec5f50d73b300919fb519c924a"},{"reference_url":"https://huntr.dev/bounties/085aafdd-ba50-44c7-9650-fa573da29bcd","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/085aafdd-ba50-44c7-9650-fa573da29bcd"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0928","reference_id":"CVE-2022-0928","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0928"},{"reference_url":"https://github.com/advisories/GHSA-jjp3-m93h-5jm4","reference_id":"GHSA-jjp3-m93h-5jm4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jjp3-m93h-5jm4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0928","GHSA-jjp3-m93h-5jm4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4pap-526e-4kea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42704?format=json","vulnerability_id":"VCID-5dbu-xx9r-euac","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nUnrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0963","reference_id":"","reference_type":"","scores":[{"value":"0.08256","scoring_system":"epss","scoring_elements":"0.92374","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08256","scoring_system":"epss","scoring_elements":"0.92384","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08256","scoring_system":"epss","scoring_elements":"0.92388","published_at":"2026-06-05T12:55:00Z"},{"value":"0.08256","scoring_system":"epss","scoring_elements":"0.92397","published_at":"2026-06-09T12:55:00Z"},{"value":"0.08256","scoring_system":"epss","scoring_elements":"0.92379","published_at":"2026-06-08T12:55:00Z"},{"value":"0.08256","scoring_system":"epss","scoring_elements":"0.9238","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0963"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/975fc1d6d3fba598ee550849ceb81af23ce72e08","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/975fc1d6d3fba598ee550849ceb81af23ce72e08"},{"reference_url":"https://huntr.dev/bounties/a89a4198-0880-4aa2-8439-a463f39f244c","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/a89a4198-0880-4aa2-8439-a463f39f244c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0963","reference_id":"CVE-2022-0963","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0963"},{"reference_url":"https://github.com/advisories/GHSA-q3x2-jvp3-wj78","reference_id":"GHSA-q3x2-jvp3-wj78","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q3x2-jvp3-wj78"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0963","GHSA-q3x2-jvp3-wj78"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dbu-xx9r-euac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46108?format=json","vulnerability_id":"VCID-5dvd-bu4g-pkha","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5244","reference_id":"","reference_type":"","scores":[{"value":"0.28933","scoring_system":"epss","scoring_elements":"0.96658","published_at":"2026-06-05T12:55:00Z"},{"value":"0.28933","scoring_system":"epss","scoring_elements":"0.96668","published_at":"2026-06-09T12:55:00Z"},{"value":"0.28933","scoring_system":"epss","scoring_elements":"0.96663","published_at":"2026-06-08T12:55:00Z"},{"value":"0.28933","scoring_system":"epss","scoring_elements":"0.96662","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5244"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/1cb846f8f54ff6f5c668f3ae64dd81740a7e8968","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:10:08Z/"}],"url":"https://github.com/microweber/microweber/commit/1cb846f8f54ff6f5c668f3ae64dd81740a7e8968"},{"reference_url":"https://huntr.dev/bounties/a3bd58ba-ca59-4cba-85d1-799f73a76470","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:10:08Z/"}],"url":"https://huntr.dev/bounties/a3bd58ba-ca59-4cba-85d1-799f73a76470"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5244","reference_id":"CVE-2023-5244","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5244"},{"reference_url":"https://github.com/advisories/GHSA-rgf9-j7gv-rq22","reference_id":"GHSA-rgf9-j7gv-rq22","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rgf9-j7gv-rq22"}],"fixed_packages":[],"aliases":["CVE-2023-5244","GHSA-rgf9-j7gv-rq22"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dvd-bu4g-pkha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44544?format=json","vulnerability_id":"VCID-5udv-gpdc-k3he","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1081","reference_id":"","reference_type":"","scores":[{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53357","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53365","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53297","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53347","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53323","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00297","scoring_system":"epss","scoring_elements":"0.53349","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1081"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/29d418461d8407688f2720e7b4be915e03fc16c1","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/29d418461d8407688f2720e7b4be915e03fc16c1"},{"reference_url":"https://huntr.dev/bounties/cf59deed-9d43-4552-acfd-43f38f3aabba","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/cf59deed-9d43-4552-acfd-43f38f3aabba"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1081","reference_id":"CVE-2023-1081","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1081"},{"reference_url":"https://github.com/advisories/GHSA-c2rc-8m9f-g4fh","reference_id":"GHSA-c2rc-8m9f-g4fh","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c2rc-8m9f-g4fh"}],"fixed_packages":[],"aliases":["CVE-2023-1081","GHSA-c2rc-8m9f-g4fh"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5udv-gpdc-k3he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110402?format=json","vulnerability_id":"VCID-6h14-edpz-nfaf","summary":"Microweber before 1.2.21 allows attacker to bypass IP detection to brute-force password\nIn the login API, an IP address will by default be blocked when the user tries to login incorrectly more than 5 times. However, a bypass to this mechanism is possible by abusing a X-Forwarded-For header to bypass IP detection and perform a password brute-force. A patch for this issue is available in Microweber version 1.2.21.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2368","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30665","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30657","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.3064","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30672","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30704","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30738","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2368"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/53c000ccd5602536e28b15d9630eb8261b04a302","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/53c000ccd5602536e28b15d9630eb8261b04a302"},{"reference_url":"https://huntr.dev/bounties/a9595eda-a5e0-4717-8d64-b445ef83f452","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/a9595eda-a5e0-4717-8d64-b445ef83f452"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2368","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2368"},{"reference_url":"https://github.com/advisories/GHSA-9wqr-9787-p4rf","reference_id":"GHSA-9wqr-9787-p4rf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9wqr-9787-p4rf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/149042?format=json","purl":"pkg:composer/microweber/microweber@1.2.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.21"}],"aliases":["CVE-2022-2368","GHSA-9wqr-9787-p4rf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h14-edpz-nfaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110765?format=json","vulnerability_id":"VCID-76h1-36zm-gkhs","summary":"Cross-site Scripting in Microweber\nCross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2174","reference_id":"","reference_type":"","scores":[{"value":"0.35129","scoring_system":"epss","scoring_elements":"0.97124","published_at":"2026-06-04T12:55:00Z"},{"value":"0.35129","scoring_system":"epss","scoring_elements":"0.97134","published_at":"2026-06-09T12:55:00Z"},{"value":"0.35129","scoring_system":"epss","scoring_elements":"0.97131","published_at":"2026-06-08T12:55:00Z"},{"value":"0.35129","scoring_system":"epss","scoring_elements":"0.97129","published_at":"2026-06-06T12:55:00Z"},{"value":"0.35129","scoring_system":"epss","scoring_elements":"0.97127","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2174"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/c51285f791e48e536111cd57a9544ccbf7f33961","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/c51285f791e48e536111cd57a9544ccbf7f33961"},{"reference_url":"https://huntr.dev/bounties/ac68e3fc-8cf1-4a62-90ee-95c4b2bad607","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/ac68e3fc-8cf1-4a62-90ee-95c4b2bad607"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2174","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2174"},{"reference_url":"https://github.com/advisories/GHSA-3x96-m42v-hvh5","reference_id":"GHSA-3x96-m42v-hvh5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3x96-m42v-hvh5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/149543?format=json","purl":"pkg:composer/microweber/microweber@1.2.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.18"}],"aliases":["CVE-2022-2174","GHSA-3x96-m42v-hvh5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76h1-36zm-gkhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46315?format=json","vulnerability_id":"VCID-7aqf-5qq6-9kak","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5861","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22496","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2245","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22446","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22558","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22545","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5861"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/6ed7ebf1631dd8f0780caa4151a5538f3b227d26","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T17:52:21Z/"}],"url":"https://github.com/microweber/microweber/commit/6ed7ebf1631dd8f0780caa4151a5538f3b227d26"},{"reference_url":"https://huntr.com/bounties/7baecef8-6c59-42fc-bced-886c4929e220","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T17:52:21Z/"}],"url":"https://huntr.com/bounties/7baecef8-6c59-42fc-bced-886c4929e220"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5861","reference_id":"CVE-2023-5861","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5861"},{"reference_url":"https://github.com/advisories/GHSA-7q5f-29gx-57ff","reference_id":"GHSA-7q5f-29gx-57ff","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7q5f-29gx-57ff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67588?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-5861","GHSA-7q5f-29gx-57ff"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7aqf-5qq6-9kak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110805?format=json","vulnerability_id":"VCID-7q86-jthq-mfeb","summary":"Cross-site Scripting in Microweber\nMicroweber versions 1.2.17 and prior are vulnerable to cross-site scripting. A patch is available on the `dev laravel9-php8` branch of the repository.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2130","reference_id":"","reference_type":"","scores":[{"value":"0.43672","scoring_system":"epss","scoring_elements":"0.9759","published_at":"2026-06-04T12:55:00Z"},{"value":"0.43672","scoring_system":"epss","scoring_elements":"0.97599","published_at":"2026-06-09T12:55:00Z"},{"value":"0.43672","scoring_system":"epss","scoring_elements":"0.97597","published_at":"2026-06-08T12:55:00Z"},{"value":"0.43672","scoring_system":"epss","scoring_elements":"0.97595","published_at":"2026-06-07T12:55:00Z"},{"value":"0.43672","scoring_system":"epss","scoring_elements":"0.97596","published_at":"2026-06-06T12:55:00Z"},{"value":"0.43672","scoring_system":"epss","scoring_elements":"0.97594","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2130"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/dbd37dda91911360db23269897c737e0abae2c24","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/dbd37dda91911360db23269897c737e0abae2c24"},{"reference_url":"https://huntr.dev/bounties/0142970a-5cb8-4dba-8bbc-4fa2f3bee65c","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/0142970a-5cb8-4dba-8bbc-4fa2f3bee65c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2130","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2130"},{"reference_url":"https://github.com/advisories/GHSA-27g3-58v4-fg9w","reference_id":"GHSA-27g3-58v4-fg9w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-27g3-58v4-fg9w"}],"fixed_packages":[],"aliases":["CVE-2022-2130","GHSA-27g3-58v4-fg9w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7q86-jthq-mfeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45023?format=json","vulnerability_id":"VCID-7wcg-mtsc-mqa8","summary":"Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2239","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50865","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50851","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50834","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5088","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50885","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2239"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/b0644cb3411b36b6ccc2ff7cdf7af3fa49525baa","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:35:13Z/"}],"url":"https://github.com/microweber/microweber/commit/b0644cb3411b36b6ccc2ff7cdf7af3fa49525baa"},{"reference_url":"https://huntr.dev/bounties/edeff16b-fc71-4e26-8d2d-dfe7bb5e7868","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T19:35:13Z/"}],"url":"https://huntr.dev/bounties/edeff16b-fc71-4e26-8d2d-dfe7bb5e7868"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2239","reference_id":"CVE-2023-2239","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2239"},{"reference_url":"https://github.com/advisories/GHSA-h83h-77x2-6w6g","reference_id":"GHSA-h83h-77x2-6w6g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h83h-77x2-6w6g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64927?format=json","purl":"pkg:composer/microweber/microweber@1.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.4"}],"aliases":["CVE-2023-2239","GHSA-h83h-77x2-6w6g"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7wcg-mtsc-mqa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42717?format=json","vulnerability_id":"VCID-88sa-4yv8-ybc2","summary":"Denial of service in microweber\nThe microweber application allows large characters to insert in the input field \"post title\" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0961","reference_id":"","reference_type":"","scores":[{"value":"0.01843","scoring_system":"epss","scoring_elements":"0.83315","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01843","scoring_system":"epss","scoring_elements":"0.83345","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01843","scoring_system":"epss","scoring_elements":"0.83331","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01843","scoring_system":"epss","scoring_elements":"0.83339","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01843","scoring_system":"epss","scoring_elements":"0.83343","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01843","scoring_system":"epss","scoring_elements":"0.8334","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0961"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/f7acbd075dff4825b35b597b74958de9edce67fc","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/f7acbd075dff4825b35b597b74958de9edce67fc"},{"reference_url":"https://huntr.dev/bounties/cdf00e14-38a7-4b6b-9bb4-3a71bf24e436","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/cdf00e14-38a7-4b6b-9bb4-3a71bf24e436"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0961","reference_id":"CVE-2022-0961","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0961"},{"reference_url":"https://github.com/advisories/GHSA-hrf4-hcpc-3345","reference_id":"GHSA-hrf4-hcpc-3345","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hrf4-hcpc-3345"}],"fixed_packages":[],"aliases":["CVE-2022-0961","GHSA-hrf4-hcpc-3345"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-88sa-4yv8-ybc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42494?format=json","vulnerability_id":"VCID-8g5k-sv8a-x7bb","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0678","reference_id":"","reference_type":"","scores":[{"value":"0.00903","scoring_system":"epss","scoring_elements":"0.76087","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00903","scoring_system":"epss","scoring_elements":"0.76117","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00903","scoring_system":"epss","scoring_elements":"0.76093","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00903","scoring_system":"epss","scoring_elements":"0.76105","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00903","scoring_system":"epss","scoring_elements":"0.76113","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00903","scoring_system":"epss","scoring_elements":"0.76112","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0678"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/2b8fa5aac31e51e2aca83c7ef5d1281ba2e755f8","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/2b8fa5aac31e51e2aca83c7ef5d1281ba2e755f8"},{"reference_url":"https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0678","reference_id":"CVE-2022-0678","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0678"},{"reference_url":"https://github.com/advisories/GHSA-38m9-3vg4-rwvp","reference_id":"GHSA-38m9-3vg4-rwvp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-38m9-3vg4-rwvp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0678","GHSA-38m9-3vg4-rwvp"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8g5k-sv8a-x7bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110424?format=json","vulnerability_id":"VCID-8syx-k5wt-ubhw","summary":"Microweber before v1.2.20 vulnerable to cross-site scripting\nPrior to Microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery (CSRF), fetch contents from same-site and redirect a user.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2353","reference_id":"","reference_type":"","scores":[{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30646","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30686","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00121","scoring_system":"epss","scoring_elements":"0.30719","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35693","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35667","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35652","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2353"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/79c6914bab8c9da07ac950fda17648d08c68b130","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/79c6914bab8c9da07ac950fda17648d08c68b130"},{"reference_url":"https://huntr.dev/bounties/7782c095-9e8c-48b0-a7f5-3a8f52e8af52","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/7782c095-9e8c-48b0-a7f5-3a8f52e8af52"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2353","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2353"},{"reference_url":"https://github.com/advisories/GHSA-gmh3-x5w7-jg5m","reference_id":"GHSA-gmh3-x5w7-jg5m","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gmh3-x5w7-jg5m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/149065?format=json","purl":"pkg:composer/microweber/microweber@1.2.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.20"}],"aliases":["CVE-2022-2353","GHSA-gmh3-x5w7-jg5m"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8syx-k5wt-ubhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42161?format=json","vulnerability_id":"VCID-a2mv-eck2-dfce","summary":"Improper Privilege Management\nImproper Access Control in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0277","reference_id":"","reference_type":"","scores":[{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.5267","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52735","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52729","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52714","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.5269","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52716","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0277"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6"},{"reference_url":"https://huntr.dev/bounties/0e776f3d-35b1-4a9e-8fe8-91e46c0d6316","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/0e776f3d-35b1-4a9e-8fe8-91e46c0d6316"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0277","reference_id":"CVE-2022-0277","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0277"},{"reference_url":"https://github.com/advisories/GHSA-vcgf-vmpc-ph79","reference_id":"GHSA-vcgf-vmpc-ph79","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vcgf-vmpc-ph79"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0277","GHSA-vcgf-vmpc-ph79"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a2mv-eck2-dfce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46520?format=json","vulnerability_id":"VCID-ardw-ehgx-2uas","summary":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nFile Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49052","reference_id":"","reference_type":"","scores":[{"value":"0.26275","scoring_system":"epss","scoring_elements":"0.96414","published_at":"2026-06-08T12:55:00Z"},{"value":"0.26275","scoring_system":"epss","scoring_elements":"0.9642","published_at":"2026-06-09T12:55:00Z"},{"value":"0.26275","scoring_system":"epss","scoring_elements":"0.9641","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49052"},{"reference_url":"https://github.com/Cyber-Wo0dy/report/blob/main/microweber/v2.0.4/microweber_unrestricted_upload","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Cyber-Wo0dy/report/blob/main/microweber/v2.0.4/microweber_unrestricted_upload"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/Cyber-Wo0dy/CVE-2023-49052","reference_id":"CVE-2023-49052","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Cyber-Wo0dy/CVE-2023-49052"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-49052","reference_id":"CVE-2023-49052","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-49052"},{"reference_url":"https://github.com/advisories/GHSA-2c7x-w3mx-h7p6","reference_id":"GHSA-2c7x-w3mx-h7p6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2c7x-w3mx-h7p6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/690730?format=json","purl":"pkg:composer/microweber/microweber@2.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.5"}],"aliases":["CVE-2023-49052","GHSA-2c7x-w3mx-h7p6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ardw-ehgx-2uas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44356?format=json","vulnerability_id":"VCID-atxq-nn14-47ap","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0608","reference_id":"","reference_type":"","scores":[{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.64107","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.64157","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.64137","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.64149","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.6416","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.64151","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0608"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T20:18:49Z/"}],"url":"https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936"},{"reference_url":"https://huntr.dev/bounties/02a86e0d-dff7-4e27-89d5-2f7dcd4b580c","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T20:18:49Z/"}],"url":"https://huntr.dev/bounties/02a86e0d-dff7-4e27-89d5-2f7dcd4b580c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0608","reference_id":"CVE-2023-0608","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0608"},{"reference_url":"https://github.com/advisories/GHSA-pj97-r83v-vj7f","reference_id":"GHSA-pj97-r83v-vj7f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pj97-r83v-vj7f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63787?format=json","purl":"pkg:composer/microweber/microweber@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.2"}],"aliases":["CVE-2023-0608","GHSA-pj97-r83v-vj7f"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-atxq-nn14-47ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109549?format=json","vulnerability_id":"VCID-b3qa-cash-tbbs","summary":"Microweber vulnerable to unrestricted malicious uploads\nUnrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4732","reference_id":"","reference_type":"","scores":[{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78506","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78533","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78948","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78959","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78969","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78966","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4732"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/0d279ac81052ce7ee97c18c811a9b8e912189da0","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T17:09:36Z/"}],"url":"https://github.com/microweber/microweber/commit/0d279ac81052ce7ee97c18c811a9b8e912189da0"},{"reference_url":"https://huntr.dev/bounties/d5be2e96-1f2f-4357-a385-e184cf0119aa","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-09T17:09:36Z/"}],"url":"https://huntr.dev/bounties/d5be2e96-1f2f-4357-a385-e184cf0119aa"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4732","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4732"},{"reference_url":"https://github.com/advisories/GHSA-8h43-xg5g-9cj7","reference_id":"GHSA-8h43-xg5g-9cj7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8h43-xg5g-9cj7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63787?format=json","purl":"pkg:composer/microweber/microweber@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.2"}],"aliases":["CVE-2022-4732","GHSA-8h43-xg5g-9cj7"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3qa-cash-tbbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45022?format=json","vulnerability_id":"VCID-b76c-c1bk-uqhs","summary":"Improper Privilege Management in GitHub repository microweber/microweber prior to 1.3.4.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2240","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.5195","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.5197","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51981","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.52002","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51992","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2240"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/f43d5b767ad5814fc5f84bbaf0b77996262f3a4b","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-04T19:34:06Z/"}],"url":"https://github.com/microweber/microweber/commit/f43d5b767ad5814fc5f84bbaf0b77996262f3a4b"},{"reference_url":"https://huntr.dev/bounties/8f595559-7b4b-4b00-954c-7a627766e203","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-04T19:34:06Z/"}],"url":"https://huntr.dev/bounties/8f595559-7b4b-4b00-954c-7a627766e203"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2240","reference_id":"CVE-2023-2240","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2240"},{"reference_url":"https://github.com/advisories/GHSA-r6xq-xcxc-fghx","reference_id":"GHSA-r6xq-xcxc-fghx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r6xq-xcxc-fghx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64927?format=json","purl":"pkg:composer/microweber/microweber@1.3.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.4"}],"aliases":["CVE-2023-2240","GHSA-r6xq-xcxc-fghx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b76c-c1bk-uqhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110475?format=json","vulnerability_id":"VCID-bq4d-7vyh-2bdv","summary":"Cross-site Scripting in microweber\nCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2280","reference_id":"","reference_type":"","scores":[{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55576","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55589","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55583","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55557","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.55527","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2280"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/9ebbb4dd35da74025ab6965f722829a7f8f86566","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/9ebbb4dd35da74025ab6965f722829a7f8f86566"},{"reference_url":"https://huntr.dev/bounties/22561bfd-a28f-474e-9bfd-7263c1b71133","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/22561bfd-a28f-474e-9bfd-7263c1b71133"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2280","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2280"},{"reference_url":"https://github.com/advisories/GHSA-5pg2-qg87-vmj7","reference_id":"GHSA-5pg2-qg87-vmj7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5pg2-qg87-vmj7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/149133?format=json","purl":"pkg:composer/microweber/microweber@1.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.19"}],"aliases":["CVE-2022-2280","GHSA-5pg2-qg87-vmj7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bq4d-7vyh-2bdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42383?format=json","vulnerability_id":"VCID-byjn-e1q3-cffa","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0558","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55401","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55412","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55407","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55382","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55351","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0558"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/14a1bb971bcb8b5456c2bf0020c3018907a2704d","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/14a1bb971bcb8b5456c2bf0020c3018907a2704d"},{"reference_url":"https://huntr.dev/bounties/8fffc95f-14ae-457b-aecc-be4716a8b91c","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/8fffc95f-14ae-457b-aecc-be4716a8b91c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0558","reference_id":"CVE-2022-0558","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0558"},{"reference_url":"https://github.com/advisories/GHSA-wmj9-xh24-j4gx","reference_id":"GHSA-wmj9-xh24-j4gx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wmj9-xh24-j4gx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0558","GHSA-wmj9-xh24-j4gx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-byjn-e1q3-cffa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42518?format=json","vulnerability_id":"VCID-c4mc-8mcd-aygx","summary":"Insecure Storage of Sensitive Information in Microweber\nInsecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0724","reference_id":"","reference_type":"","scores":[{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.64215","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.6422","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.642","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.64212","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.64171","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.64223","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0724"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/b592c86d2b927c0cae5b73b87fb541f25e777aa3","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/b592c86d2b927c0cae5b73b87fb541f25e777aa3"},{"reference_url":"https://huntr.dev/bounties/0cdc4a29-dada-4264-b326-8b65b4f11062","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/0cdc4a29-dada-4264-b326-8b65b4f11062"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0724","reference_id":"CVE-2022-0724","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0724"},{"reference_url":"https://github.com/advisories/GHSA-j8cx-j9j2-f29w","reference_id":"GHSA-j8cx-j9j2-f29w","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j8cx-j9j2-f29w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60784?format=json","purl":"pkg:composer/microweber/microweber@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.0"}],"aliases":["CVE-2022-0724","GHSA-j8cx-j9j2-f29w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4mc-8mcd-aygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43032?format=json","vulnerability_id":"VCID-cmud-xdjj-2fbd","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nXSS in `/demo/module/?module=HERE` in GitHub repository microweber/microweber prior to 1.2.15.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1504","reference_id":"","reference_type":"","scores":[{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57353","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57329","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57341","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57292","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57345","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1504"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/1f6a4de416a85e626dc643bb5ceb916e4802223e","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/1f6a4de416a85e626dc643bb5ceb916e4802223e"},{"reference_url":"https://huntr.dev/bounties/b8e5c324-3dfe-46b4-8095-1697c6b0a6d6","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/b8e5c324-3dfe-46b4-8095-1697c6b0a6d6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1504","reference_id":"CVE-2022-1504","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1504"},{"reference_url":"https://github.com/advisories/GHSA-6xj3-fhrf-rjgc","reference_id":"GHSA-6xj3-fhrf-rjgc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6xj3-fhrf-rjgc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61533?format=json","purl":"pkg:composer/microweber/microweber@1.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.15"}],"aliases":["CVE-2022-1504","GHSA-6xj3-fhrf-rjgc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmud-xdjj-2fbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56449?format=json","vulnerability_id":"VCID-cyk3-wsc6-qqeh","summary":"Microweber Cross-site Scripting vulnerability\nMicroweber Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the create new backup function in the endpoint /admin/module/view?type=admin__backup","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33298","reference_id":"","reference_type":"","scores":[{"value":"0.01761","scoring_system":"epss","scoring_elements":"0.82983","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01761","scoring_system":"epss","scoring_elements":"0.82971","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01761","scoring_system":"epss","scoring_elements":"0.82979","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33298"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/MathSabo/CVE-2024-33298","reference_id":"CVE-2024-33298","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T15:26:53Z/"}],"url":"https://github.com/MathSabo/CVE-2024-33298"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33298","reference_id":"CVE-2024-33298","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33298"},{"reference_url":"https://github.com/advisories/GHSA-w5g5-4jj3-8f6v","reference_id":"GHSA-w5g5-4jj3-8f6v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w5g5-4jj3-8f6v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/754902?format=json","purl":"pkg:composer/microweber/microweber@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.10"}],"aliases":["CVE-2024-33298","GHSA-w5g5-4jj3-8f6v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cyk3-wsc6-qqeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42478?format=json","vulnerability_id":"VCID-cz33-7pc2-jye4","summary":"Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0638","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26906","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2692","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26913","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26962","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27001","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27008","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0638"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/756096da1260f29ff6f4532234d93d8e41dd5aa8","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/756096da1260f29ff6f4532234d93d8e41dd5aa8"},{"reference_url":"https://huntr.dev/bounties/9d3d883c-d74c-4fe2-9978-a8e3d1ccf9f3","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/9d3d883c-d74c-4fe2-9978-a8e3d1ccf9f3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0638","reference_id":"CVE-2022-0638","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0638"},{"reference_url":"https://github.com/advisories/GHSA-ghww-cv4v-hmxx","reference_id":"GHSA-ghww-cv4v-hmxx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-ghww-cv4v-hmxx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0638","GHSA-ghww-cv4v-hmxx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cz33-7pc2-jye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42646?format=json","vulnerability_id":"VCID-d7q4-rg6w-rudw","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nFile upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0930","reference_id":"","reference_type":"","scores":[{"value":"0.00496","scoring_system":"epss","scoring_elements":"0.66157","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00496","scoring_system":"epss","scoring_elements":"0.66207","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00496","scoring_system":"epss","scoring_elements":"0.66189","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00496","scoring_system":"epss","scoring_elements":"0.66202","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00496","scoring_system":"epss","scoring_elements":"0.66219","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00496","scoring_system":"epss","scoring_elements":"0.66209","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0930"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/33eb4cc0f80c1f86388c1862a8aee1061fa5d72e","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/33eb4cc0f80c1f86388c1862a8aee1061fa5d72e"},{"reference_url":"https://huntr.dev/bounties/d184ce19-9608-42f1-bc3d-06ece2d9a993","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/d184ce19-9608-42f1-bc3d-06ece2d9a993"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0930","reference_id":"CVE-2022-0930","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0930"},{"reference_url":"https://github.com/advisories/GHSA-2cv6-6437-39p2","reference_id":"GHSA-2cv6-6437-39p2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2cv6-6437-39p2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0930","GHSA-2cv6-6437-39p2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d7q4-rg6w-rudw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42693?format=json","vulnerability_id":"VCID-d9ye-asqs-4kb4","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0954","reference_id":"","reference_type":"","scores":[{"value":"0.04258","scoring_system":"epss","scoring_elements":"0.89","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04258","scoring_system":"epss","scoring_elements":"0.89034","published_at":"2026-06-09T12:55:00Z"},{"value":"0.04258","scoring_system":"epss","scoring_elements":"0.89018","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04258","scoring_system":"epss","scoring_elements":"0.89017","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0954"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/955471c27e671c49e4b012e3b120b004082ac3f7","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/955471c27e671c49e4b012e3b120b004082ac3f7"},{"reference_url":"https://huntr.dev/bounties/b99517c0-37fc-4efa-ab1a-3591da7f4d26","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/b99517c0-37fc-4efa-ab1a-3591da7f4d26"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0954","reference_id":"CVE-2022-0954","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0954"},{"reference_url":"https://github.com/advisories/GHSA-8c76-mxv5-w4g8","reference_id":"GHSA-8c76-mxv5-w4g8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8c76-mxv5-w4g8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0954","GHSA-8c76-mxv5-w4g8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d9ye-asqs-4kb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55649?format=json","vulnerability_id":"VCID-dc9a-rqcd-jqfx","summary":"Microweber Reflected Cross-site scripting (XSS) vulnerability\nA Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter.","references":[{"reference_url":"http://microweber.com","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:46:28Z/"}],"url":"http://microweber.com"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40101","reference_id":"","reference_type":"","scores":[{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78863","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.7886","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78849","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.7887","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0115","scoring_system":"epss","scoring_elements":"0.78866","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40101"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Aug/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2024/Aug/1"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/0dede6886c6df3d1f31c4f4e3ba1ab4a336fbf79","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:46:28Z/"}],"url":"https://github.com/microweber/microweber/commit/0dede6886c6df3d1f31c4f4e3ba1ab4a336fbf79"},{"reference_url":"https://seclists.org/fulldisclosure/2024/Aug/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T13:46:28Z/"}],"url":"https://seclists.org/fulldisclosure/2024/Aug/1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40101","reference_id":"CVE-2024-40101","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40101"},{"reference_url":"https://github.com/advisories/GHSA-m99v-mmg2-66vf","reference_id":"GHSA-m99v-mmg2-66vf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m99v-mmg2-66vf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82338?format=json","purl":"pkg:composer/microweber/microweber@2.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.16"}],"aliases":["CVE-2024-40101","GHSA-m99v-mmg2-66vf"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dc9a-rqcd-jqfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46356?format=json","vulnerability_id":"VCID-e5ez-vpd8-hua1","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMicroweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-47379","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36301","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36337","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36375","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36312","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36366","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-47379"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/blob/master/CHANGELOG.md","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T19:51:46Z/"}],"url":"https://github.com/microweber/microweber/blob/master/CHANGELOG.md"},{"reference_url":"https://github.com/microweber/microweber/commit/a481f079d74e82f6094abf15d67e814349d1038a","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/a481f079d74e82f6094abf15d67e814349d1038a"},{"reference_url":"https://github.com/microweber/microweber/commit/c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T19:51:46Z/"}],"url":"https://github.com/microweber/microweber/commit/c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00"},{"reference_url":"https://www.getastra.com/blog/security-audit/stored-xss-vulnerability","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.getastra.com/blog/security-audit/stored-xss-vulnerability"},{"reference_url":"https://www.getastra.com/blog/security-audit/stored-xss-vulnerability/","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T19:51:46Z/"}],"url":"https://www.getastra.com/blog/security-audit/stored-xss-vulnerability/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-47379","reference_id":"CVE-2023-47379","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-47379"},{"reference_url":"https://github.com/advisories/GHSA-jmwm-w2rm-prv9","reference_id":"GHSA-jmwm-w2rm-prv9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jmwm-w2rm-prv9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67659?format=json","purl":"pkg:composer/microweber/microweber@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1mcj-auz4-kffm"},{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.3"}],"aliases":["CVE-2023-47379","GHSA-jmwm-w2rm-prv9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e5ez-vpd8-hua1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109981?format=json","vulnerability_id":"VCID-eepv-8w3x-a7gn","summary":"Microweber's title parameter in the body of POST request vulnerable to stored XSS\nIn Microweber prior to v1.3.1, the title parameter in the body of POST request when creating/editing a category is vulnerable to stored cross-site scripting.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2777","reference_id":"","reference_type":"","scores":[{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33963","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34036","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34014","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34048","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.3408","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34065","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2777"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/60eef7494211d1c458228c321e986edeaa401a58","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/60eef7494211d1c458228c321e986edeaa401a58"},{"reference_url":"https://huntr.dev/bounties/13dd2f4d-0c7f-483e-a771-e1ed2ff1c36f","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/13dd2f4d-0c7f-483e-a771-e1ed2ff1c36f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2777","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2777"},{"reference_url":"https://github.com/advisories/GHSA-cf6r-q678-f2p7","reference_id":"GHSA-cf6r-q678-f2p7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cf6r-q678-f2p7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/148110?format=json","purl":"pkg:composer/microweber/microweber@1.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.1"}],"aliases":["CVE-2022-2777","GHSA-cf6r-q678-f2p7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eepv-8w3x-a7gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46385?format=json","vulnerability_id":"VCID-em3c-rjmf-c7bn","summary":"Microweber Improper Access Control vulnerability\nImproper Access Control in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5976","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2371","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23662","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23655","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23771","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23756","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5976"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/bc537ebe235bf9924c6557a46114f5f9557cd16a","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T19:05:02Z/"}],"url":"https://github.com/microweber/microweber/commit/bc537ebe235bf9924c6557a46114f5f9557cd16a"},{"reference_url":"https://huntr.com/bounties/2004e4a9-c5f6-406a-89b0-571f808882fa","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T19:05:02Z/"}],"url":"https://huntr.com/bounties/2004e4a9-c5f6-406a-89b0-571f808882fa"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5976","reference_id":"CVE-2023-5976","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5976"},{"reference_url":"https://github.com/advisories/GHSA-q57g-38pc-jwv8","reference_id":"GHSA-q57g-38pc-jwv8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q57g-38pc-jwv8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67588?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-5976","GHSA-q57g-38pc-jwv8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-em3c-rjmf-c7bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42770?format=json","vulnerability_id":"VCID-etnf-hdsf-qbh7","summary":"Integer Overflow or Wraparound\nAble to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1036","reference_id":"","reference_type":"","scores":[{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.73275","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.73317","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.73312","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.73315","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.7329","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.73303","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1036"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/82be4f0b4729be870ccefdae99a04833f134aa6a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/82be4f0b4729be870ccefdae99a04833f134aa6a"},{"reference_url":"https://huntr.dev/bounties/db615581-d5a9-4ca5-a3e9-7a39eceaa424","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/db615581-d5a9-4ca5-a3e9-7a39eceaa424"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1036","reference_id":"CVE-2022-1036","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1036"},{"reference_url":"https://github.com/advisories/GHSA-3qr6-qrqm-8v86","reference_id":"GHSA-3qr6-qrqm-8v86","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3qr6-qrqm-8v86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-1036","GHSA-3qr6-qrqm-8v86"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-etnf-hdsf-qbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109064?format=json","vulnerability_id":"VCID-eyny-kp2f-fqgq","summary":"Microweber vulnerable to  HTML Injection in create tag functionality\nHTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input. A patch is available on commit f20abf30a1d9c1426c5fb757ac63998dc5b92bfc and is anticipated to be part of version 1.3.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3245","reference_id":"","reference_type":"","scores":[{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62742","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62785","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62772","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62796","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00427","scoring_system":"epss","scoring_elements":"0.62786","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3245"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/f20abf30a1d9c1426c5fb757ac63998dc5b92bfc","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-27T18:08:10Z/"}],"url":"https://github.com/microweber/microweber/commit/f20abf30a1d9c1426c5fb757ac63998dc5b92bfc"},{"reference_url":"https://huntr.dev/bounties/747c2924-95ca-4311-9e69-58ee0fb440a0","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-05-27T18:08:10Z/"}],"url":"https://huntr.dev/bounties/747c2924-95ca-4311-9e69-58ee0fb440a0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3245","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3245"},{"reference_url":"https://github.com/advisories/GHSA-gm8c-w9cm-c445","reference_id":"GHSA-gm8c-w9cm-c445","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gm8c-w9cm-c445"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63787?format=json","purl":"pkg:composer/microweber/microweber@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.2"}],"aliases":["CVE-2022-3245","GHSA-gm8c-w9cm-c445"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyny-kp2f-fqgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56447?format=json","vulnerability_id":"VCID-ffw7-eb3s-w7dt","summary":"Microweber Cross-site Scripting vulnerability\nCross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the First Name and Last Name parameters in the endpoint /admin/module/view?type=users","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33299","reference_id":"","reference_type":"","scores":[{"value":"0.01553","scoring_system":"epss","scoring_elements":"0.81797","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01553","scoring_system":"epss","scoring_elements":"0.81806","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01553","scoring_system":"epss","scoring_elements":"0.81791","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33299"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/MathSabo/CVE-2024-33299","reference_id":"CVE-2024-33299","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-14T16:06:00Z/"}],"url":"https://github.com/MathSabo/CVE-2024-33299"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33299","reference_id":"CVE-2024-33299","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33299"},{"reference_url":"https://github.com/advisories/GHSA-97h9-p9f8-4p3r","reference_id":"GHSA-97h9-p9f8-4p3r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-97h9-p9f8-4p3r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/754902?format=json","purl":"pkg:composer/microweber/microweber@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.10"}],"aliases":["CVE-2024-33299","GHSA-97h9-p9f8-4p3r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ffw7-eb3s-w7dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42163?format=json","vulnerability_id":"VCID-fwdp-ch1b-pqa2","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0278","reference_id":"","reference_type":"","scores":[{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43536","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43617","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43607","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43568","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.4356","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43594","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0278"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/b64ef574b82dbf89a908e1569d790c7012d1ccd7","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/b64ef574b82dbf89a908e1569d790c7012d1ccd7"},{"reference_url":"https://huntr.dev/bounties/64495d0f-d5ec-4542-9693-32372c18d030","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/64495d0f-d5ec-4542-9693-32372c18d030"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0278","reference_id":"CVE-2022-0278","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0278"},{"reference_url":"https://github.com/advisories/GHSA-m8rp-q82r-c5mf","reference_id":"GHSA-m8rp-q82r-c5mf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m8rp-q82r-c5mf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0278","GHSA-m8rp-q82r-c5mf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwdp-ch1b-pqa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109446?format=json","vulnerability_id":"VCID-g3w8-c5z6-1yaz","summary":"Microweber vulnerable to Reflected Cross-site Scripting\nMicroweber versions 1.3.1 and prior are vulnerable to Reflected Cross-site Scripting (XSS). A patch is available on the 1.4, dev, and laravel-sail branches.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4617","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41354","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41334","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41323","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41305","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41381","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41385","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4617"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/df8add930ecfa7f5b18c67c3f748c137fe890906","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-14T14:21:05Z/"}],"url":"https://github.com/microweber/microweber/commit/df8add930ecfa7f5b18c67c3f748c137fe890906"},{"reference_url":"https://huntr.dev/bounties/1fb2ce08-7016-45fa-b402-ec08d700e4df","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-14T14:21:05Z/"}],"url":"https://huntr.dev/bounties/1fb2ce08-7016-45fa-b402-ec08d700e4df"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4617","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4617"},{"reference_url":"https://github.com/advisories/GHSA-3mmh-vq9w-4c3g","reference_id":"GHSA-3mmh-vq9w-4c3g","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3mmh-vq9w-4c3g"}],"fixed_packages":[],"aliases":["CVE-2022-4617","GHSA-3mmh-vq9w-4c3g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3w8-c5z6-1yaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56798?format=json","vulnerability_id":"VCID-g698-yeg3-33cv","summary":"Microweber vulnerable to XSS attack due to insure `group` component in its Settings handler\nA vulnerability was found in Microweber 2.0.19. It has been rated as problematic. This issue affects some unknown processing of the file userfiles/modules/settings/group/website_group/index.php of the component Settings Handler. The manipulation of the argument group leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2214","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32231","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32254","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32329","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32298","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32261","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2214"},{"reference_url":"https://github.com/Fewword/Poc/blob/main/microweber/mwb-poc1.md","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T13:37:00Z/"}],"url":"https://github.com/Fewword/Poc/blob/main/microweber/mwb-poc1.md"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://vuldb.com/?ctiid.299285","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T13:37:00Z/"}],"url":"https://vuldb.com/?ctiid.299285"},{"reference_url":"https://vuldb.com/?id.299285","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T13:37:00Z/"}],"url":"https://vuldb.com/?id.299285"},{"reference_url":"https://vuldb.com/?submit.512032","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-12T13:37:00Z/"}],"url":"https://vuldb.com/?submit.512032"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2214","reference_id":"CVE-2025-2214","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"},{"value":"2.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-2214"},{"reference_url":"https://github.com/advisories/GHSA-hcgh-r5gq-6qc2","reference_id":"GHSA-hcgh-r5gq-6qc2","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hcgh-r5gq-6qc2"}],"fixed_packages":[],"aliases":["CVE-2025-2214","GHSA-hcgh-r5gq-6qc2"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g698-yeg3-33cv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42297?format=json","vulnerability_id":"VCID-gdz9-thp5-g3ec","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nA Stored Cross-site Scripting (XSS) vulnerability was found in microweber.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0506","reference_id":"","reference_type":"","scores":[{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47501","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47568","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47565","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47534","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47521","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47551","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0506"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/05d55f2befb1b25375ca5371875ff535d6cc5f70","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/05d55f2befb1b25375ca5371875ff535d6cc5f70"},{"reference_url":"https://huntr.dev/bounties/0a5ec24c-343e-4cc4-b27b-2beb19a1c35f","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/0a5ec24c-343e-4cc4-b27b-2beb19a1c35f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0506","reference_id":"CVE-2022-0506","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0506"},{"reference_url":"https://github.com/advisories/GHSA-jjvm-3mfq-7gc7","reference_id":"GHSA-jjvm-3mfq-7gc7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jjvm-3mfq-7gc7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0506","GHSA-jjvm-3mfq-7gc7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gdz9-thp5-g3ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42645?format=json","vulnerability_id":"VCID-gmr6-tbe3-zkh5","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nFile upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0926","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40323","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40406","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40403","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40364","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.4035","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40379","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0926"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/89200cfcc2cfefe5554721e7fa3cf52f6a2a9120","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/89200cfcc2cfefe5554721e7fa3cf52f6a2a9120"},{"reference_url":"https://huntr.dev/bounties/dc5d1555-0108-4627-b542-93352f35fa17","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/dc5d1555-0108-4627-b542-93352f35fa17"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0926","reference_id":"CVE-2022-0926","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0926"},{"reference_url":"https://github.com/advisories/GHSA-3q55-66g3-p8xq","reference_id":"GHSA-3q55-66g3-p8xq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3q55-66g3-p8xq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0926","GHSA-3q55-66g3-p8xq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gmr6-tbe3-zkh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42536?format=json","vulnerability_id":"VCID-gue4-1xas-9qe6","summary":"Logic error in microweber\nBusiness Logic Errors in GitHub repository microweber/microweber prior to 1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0762","reference_id":"","reference_type":"","scores":[{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44733","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.4481","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44804","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.4477","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44758","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44789","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0762"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/76361264d9fdfff38a1af79c63141455cc4d36e3","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/76361264d9fdfff38a1af79c63141455cc4d36e3"},{"reference_url":"https://huntr.dev/bounties/125b5244-5099-485e-bf75-e5f1ed80dd48","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/125b5244-5099-485e-bf75-e5f1ed80dd48"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0762","reference_id":"CVE-2022-0762","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0762"},{"reference_url":"https://github.com/advisories/GHSA-5875-p652-2ppm","reference_id":"GHSA-5875-p652-2ppm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5875-p652-2ppm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60784?format=json","purl":"pkg:composer/microweber/microweber@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.0"}],"aliases":["CVE-2022-0762","GHSA-5875-p652-2ppm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gue4-1xas-9qe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42458?format=json","vulnerability_id":"VCID-h91t-mxad-1yd3","summary":"URL Redirection to Untrusted Site ('Open Redirect')\nAn Open Redirect vulnerability was found in microweber.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0597","reference_id":"","reference_type":"","scores":[{"value":"0.00964","scoring_system":"epss","scoring_elements":"0.76896","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00964","scoring_system":"epss","scoring_elements":"0.76935","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00964","scoring_system":"epss","scoring_elements":"0.76914","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00964","scoring_system":"epss","scoring_elements":"0.76925","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00964","scoring_system":"epss","scoring_elements":"0.76937","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00964","scoring_system":"epss","scoring_elements":"0.76928","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0597"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/acfc6a581d1ea86096d1b0ecd8a0eec927c0e9b2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/acfc6a581d1ea86096d1b0ecd8a0eec927c0e9b2"},{"reference_url":"https://huntr.dev/bounties/68c22eab-cc69-4e9f-bcb6-2df3db626813","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/68c22eab-cc69-4e9f-bcb6-2df3db626813"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0597","reference_id":"CVE-2022-0597","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0597"},{"reference_url":"https://github.com/advisories/GHSA-rw98-5846-pqhx","reference_id":"GHSA-rw98-5846-pqhx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rw98-5846-pqhx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0597","GHSA-rw98-5846-pqhx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h91t-mxad-1yd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50026?format=json","vulnerability_id":"VCID-jbsw-p37m-8bat","summary":"Microweber has a Cross-site Scripting vulnerability\nCross-site Scripting vulnerability in the \"/admin/order/abandoned\" endpoint of Microweber 2.0.19. An attacker can manipulate the \"orderDirection\" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The issue was reported to the developers and fixed in version 2.0.20.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-70791","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05798","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05806","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0723","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07217","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07261","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-70791"},{"reference_url":"https://gist.github.com/TimRecktenwald/9615b9915a4cacda9f57bb57f13ab6d4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T20:52:24Z/"}],"url":"https://gist.github.com/TimRecktenwald/9615b9915a4cacda9f57bb57f13ab6d4"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T20:52:24Z/"}],"url":"https://github.com/microweber/microweber/commit/aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-70791","reference_id":"CVE-2025-70791","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-70791"},{"reference_url":"https://github.com/advisories/GHSA-5jg5-xqfw-rv92","reference_id":"GHSA-5jg5-xqfw-rv92","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5jg5-xqfw-rv92"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73880?format=json","purl":"pkg:composer/microweber/microweber@2.0.20","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.20"}],"aliases":["CVE-2025-70791","GHSA-5jg5-xqfw-rv92"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbsw-p37m-8bat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42513?format=json","vulnerability_id":"VCID-jewv-gtbh-xqeg","summary":"Insertion of Sensitive Information Into Debugging Code in Microweber\nInsertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0721","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57853","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57906","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57889","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57902","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57914","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57905","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0721"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/b12e1a490c79460bff019f34b2e17112249b16ec","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/b12e1a490c79460bff019f34b2e17112249b16ec"},{"reference_url":"https://huntr.dev/bounties/ae267d39-9750-4c69-be8b-4f915da089fb","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/ae267d39-9750-4c69-be8b-4f915da089fb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0721","reference_id":"CVE-2022-0721","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0721"},{"reference_url":"https://github.com/advisories/GHSA-mjvc-j6rv-9xj8","reference_id":"GHSA-mjvc-j6rv-9xj8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mjvc-j6rv-9xj8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60784?format=json","purl":"pkg:composer/microweber/microweber@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.0"}],"aliases":["CVE-2022-0721","GHSA-mjvc-j6rv-9xj8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jewv-gtbh-xqeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42629?format=json","vulnerability_id":"VCID-jzqm-3xf2-pqcc","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nUnrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0906","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46568","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46635","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46634","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46597","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46586","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46614","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0906"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/d9bae9df873c2d2a13a2eb08d512019d49ebca68","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/d9bae9df873c2d2a13a2eb08d512019d49ebca68"},{"reference_url":"https://huntr.dev/bounties/87ed3b42-9824-49b0-91a5-fd908a0601e8","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/87ed3b42-9824-49b0-91a5-fd908a0601e8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0906","reference_id":"CVE-2022-0906","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0906"},{"reference_url":"https://github.com/advisories/GHSA-hf4q-52x6-4p57","reference_id":"GHSA-hf4q-52x6-4p57","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hf4q-52x6-4p57"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0906","GHSA-hf4q-52x6-4p57"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jzqm-3xf2-pqcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42390?format=json","vulnerability_id":"VCID-k531-2qnb-t3b7","summary":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nOS Command Injection in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0557","reference_id":"","reference_type":"","scores":[{"value":"0.1686","scoring_system":"epss","scoring_elements":"0.95095","published_at":"2026-06-09T12:55:00Z"},{"value":"0.1686","scoring_system":"epss","scoring_elements":"0.95091","published_at":"2026-06-07T12:55:00Z"},{"value":"0.1686","scoring_system":"epss","scoring_elements":"0.95089","published_at":"2026-06-06T12:55:00Z"},{"value":"0.1686","scoring_system":"epss","scoring_elements":"0.95079","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1686","scoring_system":"epss","scoring_elements":"0.9509","published_at":"2026-06-08T12:55:00Z"},{"value":"0.1686","scoring_system":"epss","scoring_elements":"0.95088","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0557"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/0a7e5f1d81de884861ca677ee1aaac31f188d632","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/0a7e5f1d81de884861ca677ee1aaac31f188d632"},{"reference_url":"https://huntr.dev/bounties/660c89af-2de5-41bc-aada-9e4e78142db8","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/660c89af-2de5-41bc-aada-9e4e78142db8"},{"reference_url":"https://www.exploit-db.com/exploits/50768","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/50768"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50768.txt","reference_id":"CVE-2022-0557","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50768.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0557","reference_id":"CVE-2022-0557","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0557"},{"reference_url":"https://github.com/advisories/GHSA-vm37-j55j-8655","reference_id":"GHSA-vm37-j55j-8655","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vm37-j55j-8655"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0557","GHSA-vm37-j55j-8655"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k531-2qnb-t3b7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109123?format=json","vulnerability_id":"VCID-kbqk-a5yu-6bhr","summary":"Microweber Cross-site Scripting can result in redirection to a malicious site\nMicroweber versions 1.3.1 and prior are vulnerable to HTML injection that an attacker can use to redirect someone to a malicious site. A patch is available at commit 68f0721571653db865a5fa01c7986642c82e919c and expected to be part of version 1.3.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3242","reference_id":"","reference_type":"","scores":[{"value":"0.19791","scoring_system":"epss","scoring_elements":"0.95562","published_at":"2026-06-04T12:55:00Z"},{"value":"0.19791","scoring_system":"epss","scoring_elements":"0.95579","published_at":"2026-06-09T12:55:00Z"},{"value":"0.19791","scoring_system":"epss","scoring_elements":"0.95575","published_at":"2026-06-08T12:55:00Z"},{"value":"0.19791","scoring_system":"epss","scoring_elements":"0.95574","published_at":"2026-06-07T12:55:00Z"},{"value":"0.19791","scoring_system":"epss","scoring_elements":"0.95572","published_at":"2026-06-06T12:55:00Z"},{"value":"0.19791","scoring_system":"epss","scoring_elements":"0.95569","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3242"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/68f0721571653db865a5fa01c7986642c82e919c","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T13:56:48Z/"}],"url":"https://github.com/microweber/microweber/commit/68f0721571653db865a5fa01c7986642c82e919c"},{"reference_url":"https://huntr.dev/bounties/3e6b218a-a5a6-40d9-9f7e-5ab0c6214faf","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T13:56:48Z/"}],"url":"https://huntr.dev/bounties/3e6b218a-a5a6-40d9-9f7e-5ab0c6214faf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3242","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3242"},{"reference_url":"https://github.com/advisories/GHSA-232p-59mg-f98p","reference_id":"GHSA-232p-59mg-f98p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-232p-59mg-f98p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63787?format=json","purl":"pkg:composer/microweber/microweber@1.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.2"}],"aliases":["CVE-2022-3242","GHSA-232p-59mg-f98p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kbqk-a5yu-6bhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110312?format=json","vulnerability_id":"VCID-kknn-9pxu-j7cq","summary":"Account Takeover Through Password Reset Poisoning\nMicroweber 1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33012","reference_id":"","reference_type":"","scores":[{"value":"0.01651","scoring_system":"epss","scoring_elements":"0.82379","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01651","scoring_system":"epss","scoring_elements":"0.82351","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01651","scoring_system":"epss","scoring_elements":"0.82386","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01651","scoring_system":"epss","scoring_elements":"0.82372","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01651","scoring_system":"epss","scoring_elements":"0.8238","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33012"},{"reference_url":"https://blog.jitendrapatro.me/cve-2022-33012-account-takeover-through-password-reset-poisoning","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.jitendrapatro.me/cve-2022-33012-account-takeover-through-password-reset-poisoning"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-29T15:23:22Z/"}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Account%20Takeover#account-takeover-through-password-reset-poisoning","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-29T15:23:22Z/"}],"url":"https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Account%20Takeover#account-takeover-through-password-reset-poisoning"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33012","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33012"},{"reference_url":"https://www.pethuraj.com/blog/how-i-earned-800-for-host-header-injection-vulnerability","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.pethuraj.com/blog/how-i-earned-800-for-host-header-injection-vulnerability"},{"reference_url":"https://blog.jitendrapatro.me/cve-2022-33012-account-takeover-through-password-reset-poisoning/","reference_id":"cve-2022-33012-account-takeover-through-password-reset-poisoning","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-29T15:23:22Z/"}],"url":"https://blog.jitendrapatro.me/cve-2022-33012-account-takeover-through-password-reset-poisoning/"},{"reference_url":"https://github.com/advisories/GHSA-rp7f-fhm8-9hpf","reference_id":"GHSA-rp7f-fhm8-9hpf","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rp7f-fhm8-9hpf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61980?format=json","purl":"pkg:composer/microweber/microweber@1.2.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.16"}],"aliases":["CVE-2022-33012","GHSA-rp7f-fhm8-9hpf"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kknn-9pxu-j7cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110421?format=json","vulnerability_id":"VCID-kqgb-n43y-muaa","summary":"Microweber before 1.2.21 vulnerable to reflected XSS\nMicroweber prior to 1.2.21 is vulnerable to reflected cross-site scripting (XSS).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2470","reference_id":"","reference_type":"","scores":[{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.66229","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.66277","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.66259","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.66273","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.66289","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.6628","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2470"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/d28655183800b833abb20ccd55e1628f16ff65e4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/d28655183800b833abb20ccd55e1628f16ff65e4"},{"reference_url":"https://huntr.dev/bounties/3f1f679c-c243-431c-8ed0-e61543b9921b","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/3f1f679c-c243-431c-8ed0-e61543b9921b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2470","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2470"},{"reference_url":"https://github.com/advisories/GHSA-cfcg-2qgr-v243","reference_id":"GHSA-cfcg-2qgr-v243","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cfcg-2qgr-v243"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/149042?format=json","purl":"pkg:composer/microweber/microweber@1.2.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.21"}],"aliases":["CVE-2022-2470","GHSA-cfcg-2qgr-v243"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kqgb-n43y-muaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42220?format=json","vulnerability_id":"VCID-kw2g-qrud-dqh4","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0378","reference_id":"","reference_type":"","scores":[{"value":"0.07396","scoring_system":"epss","scoring_elements":"0.91883","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07396","scoring_system":"epss","scoring_elements":"0.91894","published_at":"2026-06-09T12:55:00Z"},{"value":"0.07396","scoring_system":"epss","scoring_elements":"0.9188","published_at":"2026-06-08T12:55:00Z"},{"value":"0.07396","scoring_system":"epss","scoring_elements":"0.9187","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07396","scoring_system":"epss","scoring_elements":"0.91882","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0378"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce"},{"reference_url":"https://huntr.dev/bounties/529b65c0-5be7-49d4-9419-f905b8153d31","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/529b65c0-5be7-49d4-9419-f905b8153d31"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0378","reference_id":"CVE-2022-0378","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0378"},{"reference_url":"https://github.com/advisories/GHSA-3j58-p785-f27x","reference_id":"GHSA-3j58-p785-f27x","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3j58-p785-f27x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0378","GHSA-3j58-p785-f27x"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kw2g-qrud-dqh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42723?format=json","vulnerability_id":"VCID-m1n6-dgw1-83ep","summary":"Integer Overflow in microweber\nThe microweber application allows large characters to insert in the input field \"fist & last name\" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber prior to 1.2.12.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0968","reference_id":"","reference_type":"","scores":[{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80513","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80555","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80534","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80538","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80542","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01363","scoring_system":"epss","scoring_elements":"0.80539","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0968"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/80e39084729a57dfe749626c3b9d35247a14c49e","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/80e39084729a57dfe749626c3b9d35247a14c49e"},{"reference_url":"https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0968","reference_id":"CVE-2022-0968","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0968"},{"reference_url":"https://github.com/advisories/GHSA-5fxv-xx5p-g2fv","reference_id":"GHSA-5fxv-xx5p-g2fv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5fxv-xx5p-g2fv"}],"fixed_packages":[],"aliases":["CVE-2022-0968","GHSA-5fxv-xx5p-g2fv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m1n6-dgw1-83ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42159?format=json","vulnerability_id":"VCID-m1wx-byrn-nqav","summary":"Exposure of Sensitive Information to an Unauthorized Actor in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0281","reference_id":"","reference_type":"","scores":[{"value":"0.18624","scoring_system":"epss","scoring_elements":"0.95389","published_at":"2026-06-04T12:55:00Z"},{"value":"0.18624","scoring_system":"epss","scoring_elements":"0.95399","published_at":"2026-06-06T12:55:00Z"},{"value":"0.18624","scoring_system":"epss","scoring_elements":"0.95397","published_at":"2026-06-05T12:55:00Z"},{"value":"0.18624","scoring_system":"epss","scoring_elements":"0.95406","published_at":"2026-06-09T12:55:00Z"},{"value":"0.18624","scoring_system":"epss","scoring_elements":"0.95402","published_at":"2026-06-08T12:55:00Z"},{"value":"0.18624","scoring_system":"epss","scoring_elements":"0.95401","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0281"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6"},{"reference_url":"https://huntr.dev/bounties/315f5ac6-1b5e-4444-ad8f-802371da3505","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/315f5ac6-1b5e-4444-ad8f-802371da3505"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0281","reference_id":"CVE-2022-0281","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0281"},{"reference_url":"https://github.com/advisories/GHSA-7wv8-g97r-432h","reference_id":"GHSA-7wv8-g97r-432h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7wv8-g97r-432h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0281","GHSA-7wv8-g97r-432h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m1wx-byrn-nqav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110780?format=json","vulnerability_id":"VCID-mhbj-vxny-tkhx","summary":"Open Redirect in microweber\nOpen Redirect in GitHub repository microweber/microweber prior to 1.2.19.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2252","reference_id":"","reference_type":"","scores":[{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38627","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38675","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38664","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38692","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.3872","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38717","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2252"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/187e949daf7dea6f10b80da70988f0f86444eeff","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/187e949daf7dea6f10b80da70988f0f86444eeff"},{"reference_url":"https://huntr.dev/bounties/4d394bcc-a000-4f96-8cd2-8c565e1347e8","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/4d394bcc-a000-4f96-8cd2-8c565e1347e8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2252","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2252"},{"reference_url":"https://github.com/advisories/GHSA-437j-5qc3-c589","reference_id":"GHSA-437j-5qc3-c589","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-437j-5qc3-c589"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/149133?format=json","purl":"pkg:composer/microweber/microweber@1.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.19"}],"aliases":["CVE-2022-2252","GHSA-437j-5qc3-c589"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhbj-vxny-tkhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44499?format=json","vulnerability_id":"VCID-mysh-ufu9-bubf","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMicroweber is a drag and drop website builder and content management system. Versions 1.2.12 and prior is vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. A fix was attempted in versions 1.2.9 and 1.2.12, but it is incomplete.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32856","reference_id":"","reference_type":"","scores":[{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50263","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50281","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50273","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50234","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50212","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58543","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32856"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/f3b86d59ab674dbf514f9f9948ddfa091739ab75","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:20Z/"}],"url":"https://github.com/microweber/microweber/commit/f3b86d59ab674dbf514f9f9948ddfa091739ab75"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2021-1005-Microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://securitylab.github.com/advisories/GHSL-2021-1005-Microweber"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2021-1005-Microweber/","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:20Z/"}],"url":"https://securitylab.github.com/advisories/GHSL-2021-1005-Microweber/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32856","reference_id":"CVE-2021-32856","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32856"},{"reference_url":"https://github.com/advisories/GHSA-mv37-xrmc-hf64","reference_id":"GHSA-mv37-xrmc-hf64","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mv37-xrmc-hf64"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/570731?format=json","purl":"pkg:composer/microweber/microweber@1.2.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.13"}],"aliases":["CVE-2021-32856","GHSA-mv37-xrmc-hf64"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mysh-ufu9-bubf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42487?format=json","vulnerability_id":"VCID-nfyc-ckva-xke3","summary":"Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0660","reference_id":"","reference_type":"","scores":[{"value":"0.07502","scoring_system":"epss","scoring_elements":"0.91947","published_at":"2026-06-07T12:55:00Z"},{"value":"0.07502","scoring_system":"epss","scoring_elements":"0.9195","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07502","scoring_system":"epss","scoring_elements":"0.91948","published_at":"2026-06-08T12:55:00Z"},{"value":"0.07502","scoring_system":"epss","scoring_elements":"0.91961","published_at":"2026-06-09T12:55:00Z"},{"value":"0.07502","scoring_system":"epss","scoring_elements":"0.91936","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0660"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/2417bd2eda2aa2868c1dad1abf62341f22bfc20a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/2417bd2eda2aa2868c1dad1abf62341f22bfc20a"},{"reference_url":"https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0660","reference_id":"CVE-2022-0660","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0660"},{"reference_url":"https://github.com/advisories/GHSA-hhrj-wp42-32v3","reference_id":"GHSA-hhrj-wp42-32v3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hhrj-wp42-32v3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0660","GHSA-hhrj-wp42-32v3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nfyc-ckva-xke3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42497?format=json","vulnerability_id":"VCID-nsg2-yc2f-vubc","summary":"Business Logic Errors in microweber\nBusiness Logic Errors in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0688","reference_id":"","reference_type":"","scores":[{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56371","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56422","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56405","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56421","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56433","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56427","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0688"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/a41f0fddaf08ff12b2b82506b1ca9490c93ab605","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/a41f0fddaf08ff12b2b82506b1ca9490c93ab605"},{"reference_url":"https://huntr.dev/bounties/051ec6d4-0b0a-41bf-9ded-27813037c9c9","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/051ec6d4-0b0a-41bf-9ded-27813037c9c9"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0688","reference_id":"CVE-2022-0688","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0688"},{"reference_url":"https://github.com/advisories/GHSA-c5gj-w4hx-gvmx","reference_id":"GHSA-c5gj-w4hx-gvmx","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c5gj-w4hx-gvmx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0688","GHSA-c5gj-w4hx-gvmx"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nsg2-yc2f-vubc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41632?format=json","vulnerability_id":"VCID-pjzk-21wf-wfdf","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross Site Scripting (XSS). vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute Javascript by Inserting code in the request form.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33988","reference_id":"","reference_type":"","scores":[{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74868","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74861","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74866","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74857","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74842","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.7483","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33988"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/nck0099/osTicket/issues/2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nck0099/osTicket/issues/2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33988","reference_id":"CVE-2021-33988","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33988"},{"reference_url":"https://github.com/advisories/GHSA-w7x8-cq7r-g5g9","reference_id":"GHSA-w7x8-cq7r-g5g9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w7x8-cq7r-g5g9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59395?format=json","purl":"pkg:composer/microweber/microweber@1.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1cwm-wk9y-nkbe"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-21j3-jjng-dbcs"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2q36-5mb1-gqcy"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-3hnh-fgu8-4fay"},{"vulnerability":"VCID-3p66-27xs-z3f1"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8g5k-sv8a-x7bb"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-a2mv-eck2-dfce"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-byjn-e1q3-cffa"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-cz33-7pc2-jye4"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-fwdp-ch1b-pqa2"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gdz9-thp5-g3ec"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-h91t-mxad-1yd3"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-k531-2qnb-t3b7"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-kw2g-qrud-dqh4"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-m1wx-byrn-nqav"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-nfyc-ckva-xke3"},{"vulnerability":"VCID-nsg2-yc2f-vubc"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-q42j-dth6-zffz"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-v1hf-kdyw-yueb"},{"vulnerability":"VCID-v43b-bant-nyad"},{"vulnerability":"VCID-w1rd-p9x2-j7g6"},{"vulnerability":"VCID-wu8r-rjfa-g7dx"},{"vulnerability":"VCID-xcsn-8sp3-hkg3"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-ywzf-dq4n-8ub4"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zm6m-8uc5-nkdx"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.8"}],"aliases":["CVE-2021-33988","GHSA-w7x8-cq7r-g5g9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pjzk-21wf-wfdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50025?format=json","vulnerability_id":"VCID-pkwt-7cf8-7qet","summary":"Microweber Cross-site Scripting vulnerability\nThere is a Cross-site Scripting vulnerability in the \"/admin/category/create\" endpoint of Microweber 2.0.19. An attacker can manipulate the \"rel_id\" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The issue was reported to the developers and fixed in version 2.0.20.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-70792","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05806","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05798","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07217","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07261","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0723","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-70792"},{"reference_url":"https://gist.github.com/TimRecktenwald/f4b0d1edbb87e75c17c639ca0bacba57","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T20:49:30Z/"}],"url":"https://gist.github.com/TimRecktenwald/f4b0d1edbb87e75c17c639ca0bacba57"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T20:49:30Z/"}],"url":"https://github.com/microweber/microweber/commit/aa0791fc286d785ccd33ccc706f7bb3ed05b1d7f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-70792","reference_id":"CVE-2025-70792","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-70792"},{"reference_url":"https://github.com/advisories/GHSA-6w5w-jx4x-vjvw","reference_id":"GHSA-6w5w-jx4x-vjvw","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6w5w-jx4x-vjvw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73880?format=json","purl":"pkg:composer/microweber/microweber@2.0.20","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.20"}],"aliases":["CVE-2025-70792","GHSA-6w5w-jx4x-vjvw"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pkwt-7cf8-7qet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57562?format=json","vulnerability_id":"VCID-q42j-dth6-zffz","summary":"Microweber CMS API has authenticated local file inclusion vulnerability\nAn authenticated local file inclusion vulnerability exists in Microweber CMS versions < 1.2.11 through misuse of the backup management API. Authenticated users can abuse the /api/BackupV2/upload and /api/BackupV2/download endpoints to read arbitrary files from the underlying filesystem. By specifying an absolute file path in the src parameter of the upload request, the server may relocate or delete the target file depending on the web service user’s privileges. The corresponding download endpoint can then be used to retrieve the file contents, effectively enabling local file disclosure. This behavior stems from insufficient validation of user-supplied paths and inadequate restrictions on file access and backup logic.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-34076","reference_id":"","reference_type":"","scores":[{"value":"0.48761","scoring_system":"epss","scoring_elements":"0.9782","published_at":"2026-06-08T12:55:00Z"},{"value":"0.48761","scoring_system":"epss","scoring_elements":"0.97819","published_at":"2026-06-09T12:55:00Z"},{"value":"0.48761","scoring_system":"epss","scoring_elements":"0.97817","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-34076"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-03T13:14:29Z/"}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/572bdc36b5b47923790016f6b961c8df53226855","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-03T13:14:29Z/"}],"url":"https://github.com/microweber/microweber/commit/572bdc36b5b47923790016f6b961c8df53226855"},{"reference_url":"https://github.com/microweber/microweber/commit/98d025467128ecc24195dcb56c533febc3c91af6","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-03T13:14:29Z/"}],"url":"https://github.com/microweber/microweber/commit/98d025467128ecc24195dcb56c533febc3c91af6"},{"reference_url":"https://huntr.com/bounties/09218d3f-1f6a-48ae-981c-85e86ad5ed8b","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-03T13:14:29Z/"}],"url":"https://huntr.com/bounties/09218d3f-1f6a-48ae-981c-85e86ad5ed8b"},{"reference_url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/gather/microweber_lfi.rb","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-03T13:14:29Z/"}],"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/gather/microweber_lfi.rb"},{"reference_url":"https://vulncheck.com/advisories/microweber-cms-lfi","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-03T13:14:29Z/"}],"url":"https://vulncheck.com/advisories/microweber-cms-lfi"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-34076","reference_id":"CVE-2025-34076","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-34076"},{"reference_url":"https://github.com/advisories/GHSA-j64v-xh5w-8hqj","reference_id":"GHSA-j64v-xh5w-8hqj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j64v-xh5w-8hqj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2025-34076","GHSA-j64v-xh5w-8hqj"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q42j-dth6-zffz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110505?format=json","vulnerability_id":"VCID-qpam-xy9j-7kcz","summary":"Cross-site Scripting in microweber\nCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.19.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2300","reference_id":"","reference_type":"","scores":[{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39532","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39622","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39618","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39581","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39566","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39594","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2300"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/70b46e231e7b2c113666745a0ab6de9a8b7ef08e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/70b46e231e7b2c113666745a0ab6de9a8b7ef08e"},{"reference_url":"https://huntr.dev/bounties/882d6cf9-64f5-4614-a873-a3030473c817","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/882d6cf9-64f5-4614-a873-a3030473c817"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2300","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2300"},{"reference_url":"https://github.com/advisories/GHSA-q6mp-562x-ggvv","reference_id":"GHSA-q6mp-562x-ggvv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q6mp-562x-ggvv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/149133?format=json","purl":"pkg:composer/microweber/microweber@1.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.19"}],"aliases":["CVE-2022-2300","GHSA-q6mp-562x-ggvv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpam-xy9j-7kcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42999?format=json","vulnerability_id":"VCID-qpbw-t3du-x3au","summary":"Cross-site Scripting in Microweber\nReflected XSS on demo.microweber.org/demo/module/ in GitHub repository microweber/microweber prior to 1.2.15.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1439","reference_id":"","reference_type":"","scores":[{"value":"0.43794","scoring_system":"epss","scoring_elements":"0.97603","published_at":"2026-06-07T12:55:00Z"},{"value":"0.43794","scoring_system":"epss","scoring_elements":"0.97604","published_at":"2026-06-08T12:55:00Z"},{"value":"0.43794","scoring_system":"epss","scoring_elements":"0.97602","published_at":"2026-06-05T12:55:00Z"},{"value":"0.43794","scoring_system":"epss","scoring_elements":"0.97606","published_at":"2026-06-09T12:55:00Z"},{"value":"0.43794","scoring_system":"epss","scoring_elements":"0.97598","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1439"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/ad3928f67b2cd4443f4323d858b666d35a919ba8","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/ad3928f67b2cd4443f4323d858b666d35a919ba8"},{"reference_url":"https://huntr.dev/bounties/86f6a762-0f3d-443d-a676-20f8496907e0","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/86f6a762-0f3d-443d-a676-20f8496907e0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1439","reference_id":"CVE-2022-1439","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1439"},{"reference_url":"https://github.com/advisories/GHSA-9w7h-3wwh-6m5q","reference_id":"GHSA-9w7h-3wwh-6m5q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9w7h-3wwh-6m5q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61533?format=json","purl":"pkg:composer/microweber/microweber@1.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.15"}],"aliases":["CVE-2022-1439","GHSA-9w7h-3wwh-6m5q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpbw-t3du-x3au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46579?format=json","vulnerability_id":"VCID-r4m7-g754-rkcw","summary":"Microweber Business Logic Errors\nBusiness Logic Errors in GitHub repository microweber/microweber prior to 2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6566","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32065","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32055","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32032","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32133","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32102","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6566"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/eee0c6771e152022a91089a547272c8a542bb74e","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/eee0c6771e152022a91089a547272c8a542bb74e"},{"reference_url":"https://huntr.com/bounties/cf4b68b5-8d97-4d05-9cde-e76b1a414fd6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.com/bounties/cf4b68b5-8d97-4d05-9cde-e76b1a414fd6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6566","reference_id":"CVE-2023-6566","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6566"},{"reference_url":"https://github.com/advisories/GHSA-3rpx-pgmf-j96h","reference_id":"GHSA-3rpx-pgmf-j96h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3rpx-pgmf-j96h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67588?format=json","purl":"pkg:composer/microweber/microweber@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.0"}],"aliases":["CVE-2023-6566","GHSA-3rpx-pgmf-j96h"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4m7-g754-rkcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109363?format=json","vulnerability_id":"VCID-r4sr-vyks-4ydt","summary":"Microweber vulnerable to Stored Cross-Site Scripting\nMicroweber versions 1.3.1 and prior are vulnerable to stored Cross-site Scripting (XSS). A patch is available on the 1.4, dev, and laravel-sail branches.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4647","reference_id":"","reference_type":"","scores":[{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.68159","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.6816","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.68144","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.68118","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.68158","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.68166","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4647"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-09T18:17:49Z/"}],"url":"https://github.com/microweber/microweber/commit/20df56615e61624f5fff149849753869e4b3b936"},{"reference_url":"https://huntr.dev/bounties/ccdd243d-726c-4199-b742-25c571491242","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-09T18:17:49Z/"}],"url":"https://huntr.dev/bounties/ccdd243d-726c-4199-b742-25c571491242"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4647","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4647"},{"reference_url":"https://github.com/advisories/GHSA-9cmm-52cv-6hvc","reference_id":"GHSA-9cmm-52cv-6hvc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9cmm-52cv-6hvc"}],"fixed_packages":[],"aliases":["CVE-2022-4647","GHSA-9cmm-52cv-6hvc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4sr-vyks-4ydt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42640?format=json","vulnerability_id":"VCID-rnfd-xc4s-9udp","summary":"Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0913","reference_id":"","reference_type":"","scores":[{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74586","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74621","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74594","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74612","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74623","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74618","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0913"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/7559e141d0707f8eeff2f9aeaa5a0ca2e3fe6583","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/7559e141d0707f8eeff2f9aeaa5a0ca2e3fe6583"},{"reference_url":"https://huntr.dev/bounties/f5f3e468-663b-4df0-8340-a2d77e4cc75f","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/f5f3e468-663b-4df0-8340-a2d77e4cc75f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0913","reference_id":"CVE-2022-0913","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0913"},{"reference_url":"https://github.com/advisories/GHSA-c383-q5vf-hx55","reference_id":"GHSA-c383-q5vf-hx55","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c383-q5vf-hx55"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0913","GHSA-c383-q5vf-hx55"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rnfd-xc4s-9udp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43307?format=json","vulnerability_id":"VCID-t2xm-mb5g-g3e5","summary":"Incorrect Authorization\nUsers Account Pre-Takeover or Users Account Takeover. in GitHub repository microweber/microweber prior to 1.2.15. Victim Account Take Over. Since, there is no email confirmation, an attacker can easily create an account in the application using the Victim’s Email. This allows an attacker to gain pre-authentication to the victim’s account. Further, due to the lack of proper validation of email coming from Social Login and failing to check if an account already exists, the victim will not identify if an account is already existing. Hence, the attacker’s persistence will remain. An attacker would be able to see all the activities performed by the victim user impacting the confidentiality and attempt to modify/corrupt the data impacting the integrity and availability factor. This attack becomes more interesting when an attacker can register an account from an employee’s email address. Assuming the organization uses G-Suite, it is much more impactful to hijack into an employee’s account.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1631","reference_id":"","reference_type":"","scores":[{"value":"0.11741","scoring_system":"epss","scoring_elements":"0.93828","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11741","scoring_system":"epss","scoring_elements":"0.93837","published_at":"2026-06-06T12:55:00Z"},{"value":"0.11741","scoring_system":"epss","scoring_elements":"0.93838","published_at":"2026-06-05T12:55:00Z"},{"value":"0.15147","scoring_system":"epss","scoring_elements":"0.94732","published_at":"2026-06-08T12:55:00Z"},{"value":"0.15147","scoring_system":"epss","scoring_elements":"0.94738","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1631"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/c162dfffb9bfd264d232aaaf5bb3daee16a3cb38","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/c162dfffb9bfd264d232aaaf5bb3daee16a3cb38"},{"reference_url":"https://huntr.dev/bounties/5494e258-5c7b-44b4-b443-85cff7ae0ba4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/5494e258-5c7b-44b4-b443-85cff7ae0ba4"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50947.txt","reference_id":"CVE-2022-1631","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/50947.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1631","reference_id":"CVE-2022-1631","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1631"},{"reference_url":"https://github.com/advisories/GHSA-73rp-q4rx-5grc","reference_id":"GHSA-73rp-q4rx-5grc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-73rp-q4rx-5grc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61533?format=json","purl":"pkg:composer/microweber/microweber@1.2.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.15"}],"aliases":["CVE-2022-1631","GHSA-73rp-q4rx-5grc"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2xm-mb5g-g3e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56448?format=json","vulnerability_id":"VCID-t6md-pczt-57ef","summary":"Microweber Cross-site Scripting vulnerability\nCross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the campaign Name (Internal Name) field in the Add new campaign function","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33297","reference_id":"","reference_type":"","scores":[{"value":"0.01414","scoring_system":"epss","scoring_elements":"0.80916","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01414","scoring_system":"epss","scoring_elements":"0.80929","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01414","scoring_system":"epss","scoring_elements":"0.8091","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01414","scoring_system":"epss","scoring_elements":"0.80913","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01414","scoring_system":"epss","scoring_elements":"0.80914","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33297"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/MathSabo/CVE-2024-33297","reference_id":"CVE-2024-33297","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-14T15:56:41Z/"}],"url":"https://github.com/MathSabo/CVE-2024-33297"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33297","reference_id":"CVE-2024-33297","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-33297"},{"reference_url":"https://github.com/advisories/GHSA-j4v9-cm37-h7c2","reference_id":"GHSA-j4v9-cm37-h7c2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j4v9-cm37-h7c2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/754902?format=json","purl":"pkg:composer/microweber/microweber@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-77rx-sfvr-n3fm"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jfpu-15p5-5uhj"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-wyrr-s3f6-wkdu"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zm9t-p349-1bff"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@2.0.10"}],"aliases":["CVE-2024-33297","GHSA-j4v9-cm37-h7c2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t6md-pczt-57ef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42609?format=json","vulnerability_id":"VCID-tu47-hb7m-rybd","summary":"Improper Control of Generation of Code ('Code Injection')\nImproper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0896","reference_id":"","reference_type":"","scores":[{"value":"0.01009","scoring_system":"epss","scoring_elements":"0.77449","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01009","scoring_system":"epss","scoring_elements":"0.77469","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01009","scoring_system":"epss","scoring_elements":"0.7746","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01009","scoring_system":"epss","scoring_elements":"0.7747","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01009","scoring_system":"epss","scoring_elements":"0.77433","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0896"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/e0224462b3dd6b1f7c6ec1197413afc6019bc3b5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/e0224462b3dd6b1f7c6ec1197413afc6019bc3b5"},{"reference_url":"https://huntr.dev/bounties/113056f1-7a78-4205-9f42-940ad41d8df0","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/113056f1-7a78-4205-9f42-940ad41d8df0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0896","reference_id":"CVE-2022-0896","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0896"},{"reference_url":"https://github.com/advisories/GHSA-q9qc-pp5x-mc8c","reference_id":"GHSA-q9qc-pp5x-mc8c","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q9qc-pp5x-mc8c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60784?format=json","purl":"pkg:composer/microweber/microweber@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.0"}],"aliases":["CVE-2022-0896","GHSA-q9qc-pp5x-mc8c"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tu47-hb7m-rybd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44861?format=json","vulnerability_id":"VCID-u4de-wy5p-8kcr","summary":"Improper Neutralization of Special Elements used in a Command ('Command Injection')\nCommand Injection in GitHub repository microweber/microweber prior to 1.3.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1877","reference_id":"","reference_type":"","scores":[{"value":"0.04671","scoring_system":"epss","scoring_elements":"0.89529","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04671","scoring_system":"epss","scoring_elements":"0.89545","published_at":"2026-06-09T12:55:00Z"},{"value":"0.04671","scoring_system":"epss","scoring_elements":"0.89526","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04671","scoring_system":"epss","scoring_elements":"0.8951","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04671","scoring_system":"epss","scoring_elements":"0.89528","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1877"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/93a906d0bf096c3ab1674012a90c88d101e76c8d","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-10T20:41:00Z/"}],"url":"https://github.com/microweber/microweber/commit/93a906d0bf096c3ab1674012a90c88d101e76c8d"},{"reference_url":"https://huntr.dev/bounties/71fe4b3b-20ac-448c-8191-7b99d7ffaf55","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-10T20:41:00Z/"}],"url":"https://huntr.dev/bounties/71fe4b3b-20ac-448c-8191-7b99d7ffaf55"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1877","reference_id":"CVE-2023-1877","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1877"},{"reference_url":"https://github.com/advisories/GHSA-582p-2fpg-x226","reference_id":"GHSA-582p-2fpg-x226","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-582p-2fpg-x226"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64542?format=json","purl":"pkg:composer/microweber/microweber@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.3"}],"aliases":["CVE-2023-1877","GHSA-582p-2fpg-x226"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4de-wy5p-8kcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42620?format=json","vulnerability_id":"VCID-uu5f-9uk2-ckhk","summary":"Static Code Injection in Microweber\nStatic Code Injection in GitHub repository microweber/microweber prior to 1.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0895","reference_id":"","reference_type":"","scores":[{"value":"0.01204","scoring_system":"epss","scoring_elements":"0.79271","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01204","scoring_system":"epss","scoring_elements":"0.79302","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01204","scoring_system":"epss","scoring_elements":"0.79284","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01204","scoring_system":"epss","scoring_elements":"0.79295","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01204","scoring_system":"epss","scoring_elements":"0.79303","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01204","scoring_system":"epss","scoring_elements":"0.79298","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0895"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/b2baab6e582b2efe63788d367a2bb61a2fa26470","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/b2baab6e582b2efe63788d367a2bb61a2fa26470"},{"reference_url":"https://huntr.dev/bounties/3c070828-fd00-476c-be33-9c877172363d","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/3c070828-fd00-476c-be33-9c877172363d"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0895","reference_id":"CVE-2022-0895","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0895"},{"reference_url":"https://github.com/advisories/GHSA-x28w-hvwc-mp75","reference_id":"GHSA-x28w-hvwc-mp75","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x28w-hvwc-mp75"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60784?format=json","purl":"pkg:composer/microweber/microweber@1.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.0"}],"aliases":["CVE-2022-0895","GHSA-x28w-hvwc-mp75"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uu5f-9uk2-ckhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42537?format=json","vulnerability_id":"VCID-v1hf-kdyw-yueb","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0723","reference_id":"","reference_type":"","scores":[{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59959","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.60009","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.60006","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59998","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.5998","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00384","scoring_system":"epss","scoring_elements":"0.59997","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0723"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/15e519a86e4b24526abaf9e6dc81cb1af86843a5","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/15e519a86e4b24526abaf9e6dc81cb1af86843a5"},{"reference_url":"https://huntr.dev/bounties/16b0547b-1bb3-493c-8a00-5b6a11fca1c5","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/16b0547b-1bb3-493c-8a00-5b6a11fca1c5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0723","reference_id":"CVE-2022-0723","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0723"},{"reference_url":"https://github.com/advisories/GHSA-4p92-fv6v-fhfj","reference_id":"GHSA-4p92-fv6v-fhfj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4p92-fv6v-fhfj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0723","GHSA-4p92-fv6v-fhfj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1hf-kdyw-yueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42391?format=json","vulnerability_id":"VCID-v43b-bant-nyad","summary":"URL Redirection to Untrusted Site ('Open Redirect')\nAn open redirect flaw was found in microweber.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0560","reference_id":"","reference_type":"","scores":[{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.5485","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.5491","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54889","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54908","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54917","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54907","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0560"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/72d4b12cc487f56a859a8570ada4efb77b4b8c63","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/72d4b12cc487f56a859a8570ada4efb77b4b8c63"},{"reference_url":"https://huntr.dev/bounties/c9d586e7-0fa1-47ab-a2b3-b890e8dc9b25","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/c9d586e7-0fa1-47ab-a2b3-b890e8dc9b25"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0560","reference_id":"CVE-2022-0560","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0560"},{"reference_url":"https://github.com/advisories/GHSA-r992-xph6-h7x2","reference_id":"GHSA-r992-xph6-h7x2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r992-xph6-h7x2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0560","GHSA-r992-xph6-h7x2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v43b-bant-nyad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42434?format=json","vulnerability_id":"VCID-w1rd-p9x2-j7g6","summary":"Business Logic Errors in microweber were identified.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0596","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49719","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49793","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49783","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49762","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49745","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49775","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0596"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/91a9d899741557c75050614ff7adb8c0e3feb005","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/91a9d899741557c75050614ff7adb8c0e3feb005"},{"reference_url":"https://huntr.dev/bounties/f68b994e-2b8b-49f5-af2a-8cd99e8048a5","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/f68b994e-2b8b-49f5-af2a-8cd99e8048a5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0596","reference_id":"CVE-2022-0596","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0596"},{"reference_url":"https://github.com/advisories/GHSA-vpq7-m4qm-p2gp","reference_id":"GHSA-vpq7-m4qm-p2gp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vpq7-m4qm-p2gp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0596","GHSA-vpq7-m4qm-p2gp"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w1rd-p9x2-j7g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42495?format=json","vulnerability_id":"VCID-wu8r-rjfa-g7dx","summary":"Business Logic Errors in microweber\nUse multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0689","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52066","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52103","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52084","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52115","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52136","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52126","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0689"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/c3c25ae6c421bb4a65df9e0035edcc2f75594a04","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/c3c25ae6c421bb4a65df9e0035edcc2f75594a04"},{"reference_url":"https://huntr.dev/bounties/fa5dbbd3-97fe-41a9-8797-2e54d9a9c649","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/fa5dbbd3-97fe-41a9-8797-2e54d9a9c649"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0689","reference_id":"CVE-2022-0689","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0689"},{"reference_url":"https://github.com/advisories/GHSA-3p9j-442x-hjp7","reference_id":"GHSA-3p9j-442x-hjp7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3p9j-442x-hjp7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0689","GHSA-3p9j-442x-hjp7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wu8r-rjfa-g7dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42641?format=json","vulnerability_id":"VCID-xcsn-8sp3-hkg3","summary":"Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0912","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41285","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41365","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.4136","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41314","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41303","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41334","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0912"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/24245297231f5dc88bb3a2b20d0e4e25b0ebc789","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/24245297231f5dc88bb3a2b20d0e4e25b0ebc789"},{"reference_url":"https://huntr.dev/bounties/ae5bb359-7e53-498b-848e-540c05b44c54","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/ae5bb359-7e53-498b-848e-540c05b44c54"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0912","reference_id":"CVE-2022-0912","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0912"},{"reference_url":"https://github.com/advisories/GHSA-6vx5-cg2p-7g5v","reference_id":"GHSA-6vx5-cg2p-7g5v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6vx5-cg2p-7g5v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"},{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0912","GHSA-6vx5-cg2p-7g5v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xcsn-8sp3-hkg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44867?format=json","vulnerability_id":"VCID-xx51-cdfq-cucq","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1881","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49694","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49737","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.4972","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.4975","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49767","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49758","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1881"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/8d039de2d615956f6df8df0bb1045ff3be88f183","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-10T19:49:59Z/"}],"url":"https://github.com/microweber/microweber/commit/8d039de2d615956f6df8df0bb1045ff3be88f183"},{"reference_url":"https://huntr.dev/bounties/d5ebc2bd-8638-41c4-bf72-7c906c601344","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-10T19:49:59Z/"}],"url":"https://huntr.dev/bounties/d5ebc2bd-8638-41c4-bf72-7c906c601344"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1881","reference_id":"CVE-2023-1881","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1881"},{"reference_url":"https://github.com/advisories/GHSA-hhjm-mpmf-cxg9","reference_id":"GHSA-hhjm-mpmf-cxg9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hhjm-mpmf-cxg9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64542?format=json","purl":"pkg:composer/microweber/microweber@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.3"}],"aliases":["CVE-2023-1881","GHSA-hhjm-mpmf-cxg9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xx51-cdfq-cucq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55644?format=json","vulnerability_id":"VCID-ye1c-995f-uffg","summary":"Microweber Cross Site Scripting (XSS) vulnerability\nMicroweber 2.0.16 was discovered to contain a Cross Site Scripting (XSS) vulnerability via userfiles\\modules\\tags\\add_tagging_tagged.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-41380","reference_id":"","reference_type":"","scores":[{"value":"0.01293","scoring_system":"epss","scoring_elements":"0.80055","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01293","scoring_system":"epss","scoring_elements":"0.80035","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01293","scoring_system":"epss","scoring_elements":"0.80044","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01293","scoring_system":"epss","scoring_elements":"0.8005","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01293","scoring_system":"epss","scoring_elements":"0.80045","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-41380"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/issues/1111","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T18:44:06Z/"}],"url":"https://github.com/microweber/microweber/issues/1111"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41380","reference_id":"CVE-2024-41380","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41380"},{"reference_url":"https://github.com/advisories/GHSA-hf66-xfgj-42g8","reference_id":"GHSA-hf66-xfgj-42g8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hf66-xfgj-42g8"}],"fixed_packages":[],"aliases":["CVE-2024-41380","GHSA-hf66-xfgj-42g8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ye1c-995f-uffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42644?format=json","vulnerability_id":"VCID-ywzf-dq4n-8ub4","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nXSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0929","reference_id":"","reference_type":"","scores":[{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.69257","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.693","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.6928","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.69296","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.69305","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.69297","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0929"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/de6d17b52d261902653fbdd2ecefcaac82e54256","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/de6d17b52d261902653fbdd2ecefcaac82e54256"},{"reference_url":"https://huntr.dev/bounties/66abf7ec-2dd7-4cb7-87f5-e91375883f03","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/66abf7ec-2dd7-4cb7-87f5-e91375883f03"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0929","reference_id":"CVE-2022-0929","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0929"},{"reference_url":"https://github.com/advisories/GHSA-5fxf-x22x-5q38","reference_id":"GHSA-5fxf-x22x-5q38","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5fxf-x22x-5q38"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"},{"url":"http://public2.vulnerablecode.io/api/packages/60956?format=json","purl":"pkg:composer/microweber/microweber@1.2.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.12"}],"aliases":["CVE-2022-0929","GHSA-5fxf-x22x-5q38"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ywzf-dq4n-8ub4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44944?format=json","vulnerability_id":"VCID-zjzm-apy1-3ycu","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Generic in GitHub repository microweber/microweber prior to 1.3.3.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2014","reference_id":"","reference_type":"","scores":[{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54972","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54952","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54971","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00315","scoring_system":"epss","scoring_elements":"0.54981","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2014"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/1a9b904722b35b00653c6ae72dca2969149159b3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:37:48Z/"}],"url":"https://github.com/microweber/microweber/commit/1a9b904722b35b00653c6ae72dca2969149159b3"},{"reference_url":"https://huntr.dev/bounties/a77bf7ed-6b61-452e-b5ee-e20017e28d1a","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-06T21:37:48Z/"}],"url":"https://huntr.dev/bounties/a77bf7ed-6b61-452e-b5ee-e20017e28d1a"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2014","reference_id":"CVE-2023-2014","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2014"},{"reference_url":"https://github.com/advisories/GHSA-f4g6-c47x-qhww","reference_id":"GHSA-f4g6-c47x-qhww","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f4g6-c47x-qhww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64542?format=json","purl":"pkg:composer/microweber/microweber@1.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.3.3"}],"aliases":["CVE-2023-2014","GHSA-f4g6-c47x-qhww"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjzm-apy1-3ycu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42221?format=json","vulnerability_id":"VCID-zm6m-8uc5-nkdx","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0379","reference_id":"","reference_type":"","scores":[{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57098","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57158","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.5715","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57149","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57131","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57146","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0379"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/commit/f017cbfbd5c4f097d2c78c5e15b6c8a9da479d7b","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber/commit/f017cbfbd5c4f097d2c78c5e15b6c8a9da479d7b"},{"reference_url":"https://huntr.dev/bounties/933f94b8-c5e7-4c3a-92e0-4d1577d5fee6","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/933f94b8-c5e7-4c3a-92e0-4d1577d5fee6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0379","reference_id":"CVE-2022-0379","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0379"},{"reference_url":"https://github.com/advisories/GHSA-prff-6j8q-vrv7","reference_id":"GHSA-prff-6j8q-vrv7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-prff-6j8q-vrv7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60236?format=json","purl":"pkg:composer/microweber/microweber@1.2.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-134y-zfv9-dfdm"},{"vulnerability":"VCID-1b1v-qwjt-aqex"},{"vulnerability":"VCID-1g32-s1rj-pudx"},{"vulnerability":"VCID-1ga3-v4ww-6kd9"},{"vulnerability":"VCID-1uhd-zk26-67fq"},{"vulnerability":"VCID-1vkt-7xcf-jfdm"},{"vulnerability":"VCID-24g4-qkgh-juby"},{"vulnerability":"VCID-2s4c-twpg-xfed"},{"vulnerability":"VCID-2v1q-rcbt-skdh"},{"vulnerability":"VCID-2zjc-axfa-myaf"},{"vulnerability":"VCID-34tz-yfnz-pqcj"},{"vulnerability":"VCID-4cz1-k4s6-cuep"},{"vulnerability":"VCID-4pap-526e-4kea"},{"vulnerability":"VCID-5dbu-xx9r-euac"},{"vulnerability":"VCID-5dvd-bu4g-pkha"},{"vulnerability":"VCID-5udv-gpdc-k3he"},{"vulnerability":"VCID-6h14-edpz-nfaf"},{"vulnerability":"VCID-76h1-36zm-gkhs"},{"vulnerability":"VCID-7aqf-5qq6-9kak"},{"vulnerability":"VCID-7q86-jthq-mfeb"},{"vulnerability":"VCID-7wcg-mtsc-mqa8"},{"vulnerability":"VCID-88sa-4yv8-ybc2"},{"vulnerability":"VCID-8syx-k5wt-ubhw"},{"vulnerability":"VCID-ardw-ehgx-2uas"},{"vulnerability":"VCID-atxq-nn14-47ap"},{"vulnerability":"VCID-b3qa-cash-tbbs"},{"vulnerability":"VCID-b76c-c1bk-uqhs"},{"vulnerability":"VCID-bq4d-7vyh-2bdv"},{"vulnerability":"VCID-c4mc-8mcd-aygx"},{"vulnerability":"VCID-cmud-xdjj-2fbd"},{"vulnerability":"VCID-cyk3-wsc6-qqeh"},{"vulnerability":"VCID-d7q4-rg6w-rudw"},{"vulnerability":"VCID-d9ye-asqs-4kb4"},{"vulnerability":"VCID-dc9a-rqcd-jqfx"},{"vulnerability":"VCID-e5ez-vpd8-hua1"},{"vulnerability":"VCID-eepv-8w3x-a7gn"},{"vulnerability":"VCID-em3c-rjmf-c7bn"},{"vulnerability":"VCID-etnf-hdsf-qbh7"},{"vulnerability":"VCID-eyny-kp2f-fqgq"},{"vulnerability":"VCID-ffw7-eb3s-w7dt"},{"vulnerability":"VCID-g3w8-c5z6-1yaz"},{"vulnerability":"VCID-g698-yeg3-33cv"},{"vulnerability":"VCID-gmr6-tbe3-zkh5"},{"vulnerability":"VCID-gue4-1xas-9qe6"},{"vulnerability":"VCID-jbsw-p37m-8bat"},{"vulnerability":"VCID-jewv-gtbh-xqeg"},{"vulnerability":"VCID-jzqm-3xf2-pqcc"},{"vulnerability":"VCID-kbqk-a5yu-6bhr"},{"vulnerability":"VCID-kknn-9pxu-j7cq"},{"vulnerability":"VCID-kqgb-n43y-muaa"},{"vulnerability":"VCID-m1n6-dgw1-83ep"},{"vulnerability":"VCID-mhbj-vxny-tkhx"},{"vulnerability":"VCID-mysh-ufu9-bubf"},{"vulnerability":"VCID-pkwt-7cf8-7qet"},{"vulnerability":"VCID-qpam-xy9j-7kcz"},{"vulnerability":"VCID-qpbw-t3du-x3au"},{"vulnerability":"VCID-r4m7-g754-rkcw"},{"vulnerability":"VCID-r4sr-vyks-4ydt"},{"vulnerability":"VCID-rnfd-xc4s-9udp"},{"vulnerability":"VCID-t2xm-mb5g-g3e5"},{"vulnerability":"VCID-t6md-pczt-57ef"},{"vulnerability":"VCID-tu47-hb7m-rybd"},{"vulnerability":"VCID-u4de-wy5p-8kcr"},{"vulnerability":"VCID-uu5f-9uk2-ckhk"},{"vulnerability":"VCID-xx51-cdfq-cucq"},{"vulnerability":"VCID-ye1c-995f-uffg"},{"vulnerability":"VCID-zjzm-apy1-3ycu"},{"vulnerability":"VCID-zmbt-5sbt-9fe4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.11"}],"aliases":["CVE-2022-0379","GHSA-prff-6j8q-vrv7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zm6m-8uc5-nkdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55625?format=json","vulnerability_id":"VCID-zmbt-5sbt-9fe4","summary":"Microweber Cross Site Scripting (XSS) vulnerability\nMicroweber 2.0.16 was discovered to contain a Cross Site Scripting (XSS) vulnerability via userfiles\\modules\\settings\\admin.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-41381","reference_id":"","reference_type":"","scores":[{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.79177","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.79188","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.79196","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.79191","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-41381"},{"reference_url":"https://github.com/microweber/microweber","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/microweber/microweber"},{"reference_url":"https://github.com/microweber/microweber/issues/1110","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T19:07:48Z/"}],"url":"https://github.com/microweber/microweber/issues/1110"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41381","reference_id":"CVE-2024-41381","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41381"},{"reference_url":"https://github.com/advisories/GHSA-h4xf-wx99-jmv4","reference_id":"GHSA-h4xf-wx99-jmv4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h4xf-wx99-jmv4"}],"fixed_packages":[],"aliases":["CVE-2024-41381","GHSA-h4xf-wx99-jmv4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zmbt-5sbt-9fe4"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/microweber/microweber@1.2.7"}